We have successfully ported FreeRTOS v11.1.0 (LTS) into our project and completed initial integration and functional testing.
As part of our quality and safety compliance activities, we performed static analysis on the FreeRTOS v11.1.0 source using our CI pipeline (Jenkins-based static analysis tools).
Since FreeRTOS v11.1.0 (LTS) is officially aligned with MISRA C:2012, we first analyzed the codebase against MISRA C:2012 rules. Based on this analysis, while the code is largely aligned with MISRA C:2012 guidelines, our tools still report Mandatory, Required, and Advisory MISRA C:2012 rule violations.
In addition, due to project requirements, we also performed a MISRA C:2023 compliance analysis on the same codebase. Similar to the 2012 analysis, we observe Mandatory, Required, and Advisory MISRA C:2023 violations reported by the static analysis.
To proceed further, we would like your guidance and support on the following points:
Availability of any official MISRA C:2012 compliance reports, deviation documentation, or justification material for FreeRTOS v11.1.0 (LTS)
Clarification on whether the reported MISRA C:2012 violations are known and intentionally deviated, and any recommended handling for these findings
Current status, guidance, or position regarding MISRA C:2023 analysis for FreeRTOS v11.1.0 (LTS), including any planned support or recommendations
Suggested approach or best practices to address MISRA findings while preserving FreeRTOS functionality and compatibility with upstream LTS releases
Our objective is to achieve MISRA C:2023 compliance with justified deviations, in order to satisfy internal processes and customer requirements.
Could you please advise:
Whether MISRA-compliant source packages, compliance reports, or deviation matrices are available for FreeRTOS v11.1.0 (LTS)
The recommended process or support channel for resolving these MISRA-related action items
We would appreciate your guidance on the next steps and any documentation you can share to support our compliance activities.
Did you look at the source code base, as a number of exceptions are noted in comments where your tool might be reporting, with the justifications for the exceptions.
@Yaadesh this is a big one and I’ll try to unpack it as clearly as I can. I’m going to follow your numbering scheme.
Based on this analysis, while the code is largely aligned with MISRA C:2012 guidelines, our tools still report Mandatory, Required, and Advisory MISRA C:2012 rule violations.
This doesn’t completely surprise me. The tools and versions of the tools often make a difference on the number of violations reported. Usually later versioned tools do a better job at finding issues. Can you tell us which tool you’re using? The FreeRTOS Kernel is checked against Coverity 2023.6.1 as mentioned here. Unfortunately I don’t believe this is licensed anymore so a newer version would need to be used which may result in increased errors.
Now on to you questions.
Any libraries that you are using from the LTS release should have a MISRA.md file documenting any deviations from the 2012 standard. There is some additional information on Coding Standard, Testing and Style Guide - FreeRTOS™.
At the time of the LTS release, I would have expected any MISRA violations to have either been fixed or have documented deviations. These would be per the version of Coverity used for MISRA checking at that time. You are welcome to modify the code in any way you see fit to meet your MISRA compliance needs.
MISRA 2023 contains no new content when compared to MISRA 2012 + amendments. I’d wager that we will support MISRA 2023 soon (either next LTS or next non-LTS release).
My biggest recommendation here is to keep in mind the architecture of FreeRTOS (Kernel with Ports). There will likely be several things you don’t need for your port. Figuring out how to remove them, or prove they don’t apply, can save you significant time.
As for the things you’re asking:
I’ll need to check if we can share compliance reports. Often licensed tools do not like their reports shared with a wide, unlicensed audience. Deviations are present on the MISRA.md file of each repository.
If you’re looking for code changes to be made to code, use Github issues or PRs. For questions, you’re welcome to use the FreeRTOS forums or Github issues. We check both fairly frequently so you should get answers in a timely fashion.
Thank you for the detailed explanation and clarifications. Based on your response, we would like to confirm our understanding and proposed approach to ensure it aligns with FreeRTOS recommendations.
As you mentioned, while the FreeRTOS kernel is largely aligned with MISRA C:2012, remaining Mandatory, Required, and Advisory violations are expected and can vary depending on the static analysis tool and its version. We understand that newer tool versions typically report additional findings.
We are currently using Coverity Static Analysis 2024.12.0, which is newer than the version referenced for the FreeRTOS kernel checks. As expected, this results in additional MISRA findings. We also understand that for LTS releases, MISRA C:2012 deviations are documented in the respective MISRA.md files, and that there is currently no official MISRA C:2023 deviation documentation.
Given your clarification that “MISRA 2023 contains no new content when compared to MISRA 2012 + amendments” and your statement that “You are welcome to modify the code in any way you see fit to meet your MISRA compliance needs,” our intended approach is as follows:
Run MISRA C:2023 analysis using our current static analysis tool (Coverity 2024.12.0)
Use existing MISRA C:2012 deviations as the baseline justification
Fix, suppress, or document deviations as needed, particularly in the ported code.
Ensure functional behavior is unchanged and all deviations are documented internally
For reference, our current MISRA C:2023 analysis results with FreeRTOS source are:
Mandatory: 0
Required: 643
Advisory: 1062
Blanks : 4
Total MISRA C:2023 violations: 1709
These results are consistent with the use of a newer analysis tool (Coverity 2024.12.0) and the absence of official MISRA C:2023 deviation files.
Could you please confirm that this approach is consistent with FreeRTOS guidance and expectations?
Your approach is reasonable! Good luck with your effort and if you find any MISRA issues which have a straightforward fix, we’d love to have your contributions.