05385191d4
Now that all of the various issues that static analysis uncovered have been fixed (#2431, #2432, #2433, #2436, #2437, #2446), I've added a GitHub action which will run static analysis for every PR going forward. When static analysis detects issues with your code, the GitHub action provides a link to download its findings in a form tailored for human consumption. Take a look at [this demonstration of what it looks like when static analysis issues are found](https://github.com/Svetlitski/jemalloc/actions/runs/5010245602) on my fork for an example (make sure to follow the instructions in the error message to download and inspect the results).
69 lines
2.6 KiB
YAML
69 lines
2.6 KiB
YAML
name: 'Static Analysis'
|
|
on: [pull_request]
|
|
jobs:
|
|
static-analysis:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
# We build libunwind ourselves because sadly the version
|
|
# provided by Ubuntu via apt-get is much too old.
|
|
- name: Check out libunwind
|
|
uses: actions/checkout@v3
|
|
with:
|
|
repository: libunwind/libunwind
|
|
path: libunwind
|
|
ref: 'v1.6.2'
|
|
github-server-url: 'https://github.com'
|
|
- name: Install libunwind
|
|
run: |
|
|
cd libunwind
|
|
autoreconf -i
|
|
./configure --prefix=/usr
|
|
make -s -j $(nproc) V=0
|
|
sudo make -s install V=0
|
|
cd ..
|
|
rm -rf libunwind
|
|
- name: Check out repository
|
|
uses: actions/checkout@v3
|
|
# We download LLVM directly from the latest stable release
|
|
# on GitHub, because this tends to be much newer than the
|
|
# version available via apt-get in Ubuntu.
|
|
- name: Download LLVM
|
|
uses: dsaltares/fetch-gh-release-asset@master
|
|
with:
|
|
repo: 'llvm/llvm-project'
|
|
version: 'latest'
|
|
file: 'clang[+]llvm-.*x86_64-linux-gnu.*'
|
|
regex: true
|
|
target: 'llvm_assets/'
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: Install prerequisites
|
|
id: install_prerequisites
|
|
run: |
|
|
tar -C llvm_assets -xaf llvm_assets/*.tar* &
|
|
sudo apt-get update
|
|
sudo apt-get install -y jq bear python3-pip
|
|
pip install codechecker
|
|
echo "Extracting LLVM from tar" 1>&2
|
|
wait
|
|
echo "LLVM_BIN_DIR=$(echo llvm_assets/clang*/bin)" >> "$GITHUB_OUTPUT"
|
|
- name: Run static analysis
|
|
id: run_static_analysis
|
|
run: >
|
|
PATH="${{ steps.install_prerequisites.outputs.LLVM_BIN_DIR }}:$PATH"
|
|
LDFLAGS='-L/usr/lib'
|
|
scripts/run_static_analysis.sh static_analysis_results "$GITHUB_OUTPUT"
|
|
- name: Upload static analysis results
|
|
if: ${{ steps.run_static_analysis.outputs.HAS_STATIC_ANALYSIS_RESULTS }} == '1'
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: static_analysis_results
|
|
path: static_analysis_results
|
|
- name: Check static analysis results
|
|
run: |
|
|
if [[ "${{ steps.run_static_analysis.outputs.HAS_STATIC_ANALYSIS_RESULTS }}" == '1' ]]
|
|
then
|
|
echo "::error::Static analysis found issues with your code. Download the 'static_analysis_results' artifact from this workflow and view the 'index.html' file contained within it in a web browser locally for detailed results."
|
|
exit 1
|
|
fi
|
|
|