Enable unusedFunction checks

[dzid26]

Find unusedFunctions for Panda program. Allows to:

• treat F4 and H7 variants as a part of same program
• differentiate between functions used in Panda and e.g. PandaJungle

Links: https://github.com/commaai/panda/issues/1954 https://github.com/commaai/panda/issues/1794 https://github.com/commaai/panda/pull/1878

[dzid26]

• I enabled --project compile_commands.json for Misra and unusedFunctions now.
  • it uses scons, so it can check macros we are interested in.
  • for CI I think we may run twice. With and without RELEASE env
  • it checks all main() files, so it found 104 violations (to be fixed)
• I still kept per build checks for unusedFunctions but only for Panda and bootstubs builds - I think this best practise and I think this similar will be need to be achieved for misra 8.x rules.

[dzid26]

@adeebshihadeh is SPI ever used for Panda F4 besides the CI test?
I removed the stm32f4/llspi.h header since normal scons job doesn't use it and mutation test was failing sometimes.

I can:

• remove building with ENABLE_SPI from CI test
• or add ENABLE_SPI in misra tests

[adeebshihadeh]

@adeebshihadeh is SPI ever used for Panda F4 besides the CI test? I removed the stm32f4/llspi.h header since normal scons job doesn't use it and so mutation test was failing sometimes.

I can:

• remove building with ENABLE_SPI from CI test
• or add ENABLE_SPI in misra tests

Let's add it to the tests. We don't use it yet, but might want to in the future.

[dzid26]

I noticed that cppcheck doesn't report system level misra violation when used with --project= compile_commands.json argument.
I will see if I can fix it, because otherwise, it is the most robust way to call whole program analysis.

[dzid26]

--project=compile_commands.json is definitely the way to go in the future, but I needed to give up on it until cppcheck bugs (resulting in false negatives on system level misra checks) get fixed.

In the meantime, I figured out a way to check different macro configurations together using --force and force-included dummy/helper header which specifies possible combinations for F4 & H7. This should make checking for unused macros (rule 2.5) fairly straightforward as well.

[dzid26]

Converting to draft. It seems that Cppcheck bails out if it encounters [unknownMacro] violation. But since I had --suppress=unknownMacro it wouldn't report any remaining violations. https://sourceforge.net/p/cppcheck/discussion/general/thread/769381a303/#f0dc

We need to add --safety flag to avoid quiet bail-outs like this. https://github.com/danmar/cppcheck/pull/5777#discussion_r1430642673

Underlying issue is related to how --force option works: https://sourceforge.net/p/cppcheck/discussion/general/thread/5c740643e6/?limit=25#7278