cppcheck: Changes to enable scanning codebase without silent errors
Amend the library config file and the suppression list to be able
to scan the codebase as desired without silently failing due to
invalid configurations.
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: Ia4585283958a1579f4895553a83db6d338d9fad6
diff --git a/cppcheck/arm-cortex-m.cfg b/cppcheck/arm-cortex-m.cfg
index 5da59d6..05cb049 100644
--- a/cppcheck/arm-cortex-m.cfg
+++ b/cppcheck/arm-cortex-m.cfg
@@ -1,13 +1,27 @@
<?xml version="1.0"?>
<!--
#-------------------------------------------------------------------------------
-# Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
#-------------------------------------------------------------------------------
-->
<def format="2">
+ <!-- Modules that might be using mbedtls based allocator functions -->
+ <resource>
+ <alloc>mbedtls_calloc</alloc>
+ <dealloc>mbedtls_free</dealloc>
+ </resource>
+ <!-- Missing platform defines on which some header preprocessing relies -->
+ <define name="CHAR_BIT" value="8"/>
+ <!-- This would be defined by the GNUARM toolchain -->
+ <define name="__GNUC__" value="1"/>
+ <!-- This would be defined by the GNUARM toolchain -->
+ <define name="__ARM_ARCH_8M_MAIN__" value="1"/>
+ <!-- tfm_core_panic() and psa_panic() interrupt the flow unconditionally -->
+ <function name="tfm_core_panic"> <noreturn>true</noreturn> </function>
+ <function name="psa_panic"> <noreturn>true</noreturn> </function>
<!-- Minimum-width integer types -->
<podtype name="int_least8_t" sign="s" size="1"/>
<podtype name="uint_least8_t" sign="u" size="1"/>
diff --git a/cppcheck/tfm-suppress-list.txt b/cppcheck/tfm-suppress-list.txt
index 5cb7571..44bc631 100644
--- a/cppcheck/tfm-suppress-list.txt
+++ b/cppcheck/tfm-suppress-list.txt
@@ -30,16 +30,6 @@
//This rule conflicts the our coding style document.
variableScope
-//CppCheck fails to understand macro definitions in compile_commands.json, which
-//have \ characters escaping the opening and closing ". As a result we get the
-//following false alarms.
-
-//CppCheck ignores macros defined on the command line when using a project file
-//(e.g. compile_commands.json). As a result we ca not set compiler specific
-//macros and need to suppress the following error.
-preprocessorErrorDirective:*/tfm_spm_log.h:34
-preprocessorErrorDirective:*/cmsis_compiler.h:320
-
//While cppcheck states to work fine with missing standard library files, it
//still reports a lot of errors regarding those.
//So, ignore these.
@@ -59,6 +49,8 @@
*:*/tools/*
*:*/bl2/ext/*
*:*/platform/ext/*
+*:*/mcuboot/*
+*:*/mbedtls/*
//cppcheck shouldn't complain about unused function.
unusedFunction
@@ -67,7 +59,3 @@
//modified. This is good practice and complies with TF-M guidelines. It should not
//trigger an error.
redundantInitialization:*/security_cnt.c
-
-//Unread variables in the following files in TF-M should not be complained.
-unreadVariable:*/tfm_crypto_func_api.c
-unreadVariable:*/tfm_crypto_secure_api.c