Add GitHub action which runs static analysis
Now that all of the various issues that static analysis uncovered have been fixed (#2431, #2432, #2433, #2436, #2437, #2446), I've added a GitHub action which will run static analysis for every PR going forward. When static analysis detects issues with your code, the GitHub action provides a link to download its findings in a form tailored for human consumption. Take a look at [this demonstration of what it looks like when static analysis issues are found](https://github.com/Svetlitski/jemalloc/actions/runs/5010245602) on my fork for an example (make sure to follow the instructions in the error message to download and inspect the results).
parent
bb0333e745
commit
05385191d4
3 changed files with 124 additions and 0 deletions
52
scripts/run_static_analysis.sh
Executable file
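--- a/scripts/run_static_analysis.sh
+++ b/scripts/run_static_analysis.sh
@@ -0,0 +1,52 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+git clean -Xfd
+
+export CC='clang'
+export CXX='clang++'
+compile_time_malloc_conf='background_thread:true,'\
+'metadata_thp:auto,'\
+'abort_conf:true,'\
+'muzzy_decay_ms:0,'\
+'zero_realloc:free,'\
+'prof_unbias:false,'\
+'prof_time_resolution:high'
+
+./autogen.sh \
+--with-private-namespace=jemalloc_ \
+--disable-cache-oblivious \
+--enable-prof \
+--enable-prof-libunwind \
+--with-malloc-conf="$compile_time_malloc_conf" \
+--enable-readlinkat \
+--enable-opt-safety-checks \
+--enable-uaf-detection \
+--enable-force-getenv \
+--enable-debug # Enabling debug for static analysis is important,
+# otherwise you'll get tons of warnings for things
+# that are already covered by `assert`s.
+
+bear -- make -s -j $(nproc)
+# We end up with lots of duplicate entries in the compilation database, one for
+# each output file type (e.g. .o, .d, .sym, etc.). There must be exactly one
+# entry for each file in the compilation database in order for
+# cross-translation-unit analysis to work, so we deduplicate the database here.
+jq '[.[] | select(.output | test("/[^./]*\\.o$"))]' compile_commands.json > compile_commands.json.tmp
+mv compile_commands.json.tmp compile_commands.json
+
+CC_ANALYZERS_FROM_PATH=1 CodeChecker analyze compile_commands.json --jobs $(nproc) \
+--ctu --compile-uniqueing strict --output static_analysis_raw_results \
+--analyzers clang-tidy clangsa
+
+html_output_dir="${1:-static_analysis_results}"
+result=${2:-/dev/null}
+# We're echoing a value because we want to indicate whether or not any errors
+# were found, but we always want the script to have a successful exit code so
+# that we actually reach the step in the GitHub action where we upload the results.
+if CodeChecker parse --export html --output "$html_output_dir" static_analysis_raw_results
+then
+echo "HAS_STATIC_ANALYSIS_RESULTS=0" >> "$result"
+else
+echo "HAS_STATIC_ANALYSIS_RESULTS=1" >> "$result"
+fi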
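Review bot: The `else` branch of the final `if CodeChecker parse …` treats every non-zero exit as "findings present", so a crash or usage error in CodeChecker itself is reported as static-analysis results rather than as a broken run. As far as I know `CodeChecker parse` exits 2 when reports exist and 1 on its own errors (worth confirming against the version the workflow installs), so capturing the status and branching on it keeps the two cases apart and lets a tool failure fail the step. Separately, the unconditional `git clean -Xfd` at the top deletes every ignored file in the working tree, which is fine on a CI runner but surprising in a local checkout; a header comment saying the script is meant for a disposable checkout would help.

```shell
result=${2:-/dev/null}
# … unchanged: comment explaining why findings must not fail the script …
parse_status=0
CodeChecker parse --export html --output "$html_output_dir" static_analysis_raw_results \
  || parse_status=$?
case "$parse_status" in
  0) echo "HAS_STATIC_ANALYSIS_RESULTS=0" >> "$result" ;;
  2) echo "HAS_STATIC_ANALYSIS_RESULTS=1" >> "$result" ;;
  *)
    # Anything else is a tool failure, not a finding: surface it.
    echo "CodeChecker parse failed with status $parse_status" >&2
    exit "$parse_status"
    ;;
esac
```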