Add PVS-Studio to our static-analysis workflow
PVS-Studio is a tool for detecting bugs and security weaknesses in the source code of programs, written in C, C++, C# and Java. It works under 64-bit systems in Windows, Linux and macOS environments, and can analyze source code intended for 32-bit, 64-bit and embedded ARM platforms. https://www.viva64.com/en/pvs-studio/ It's very easy to setup and run headless on Linux; although on Windows I couldn't find instruction describing how to automate the install. It quickly generates a relatively unique set of issues versus those reported by Clang's and Coverity's checkers, so it's valuable in that regard. Output can be customized in various formats (stdout, gcc-error format, or HTML), and it produces a nice summary of results that (for a later PR) we can capture and compare against a maximum warning count similar to our other checkers. This PR generates a full HTML report with embedded source snippets, which are uploaded as a zipped asset.
This commit is contained in:
krcroft
Patryk Obara
parent
1953d0880b
commit
5885ba0851
1 changed files with 35 additions and 2 deletions
37
.github/workflows/analysis.yml
vendored
37
.github/workflows/analysis.yml
vendored
|
|
@ -55,7 +55,7 @@ jobs:
|
|||
- name: Upload report
|
||||
uses: actions/upload-artifact@master
|
||||
with:
|
||||
name: report
|
||||
name: clang-analysis-report
|
||||
path: report
|
||||
- name: Summarize report
|
||||
env:
|
||||
|
|
@ -66,6 +66,39 @@ jobs:
|
|||
echo
|
||||
./scripts/count-bugs.py report/*/index.html
|
||||
|
||||
build_pvs_studio_analyzer:
|
||||
name: PVS-Studio static analyzer
|
||||
runs-on: ubuntu-latest
|
||||
needs: run_linters
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
with:
|
||||
fetch-depth: 1
|
||||
- run: sudo apt-get update
|
||||
- name: Log environment
|
||||
run: ./scripts/log-env.sh
|
||||
- name: Install packages
|
||||
run: |
|
||||
set -xeu
|
||||
wget -nv "https://files.viva64.com/pvs-studio-7.05.35582.25-amd64.deb" -O "pvs.deb" &
|
||||
sudo apt-get install strace $(./scripts/list-build-dependencies.sh -m apt -c gcc)
|
||||
wait && sudo dpkg -i "pvs.deb"
|
||||
pvs-studio-analyzer credentials "${{ secrets.PvsStudioName }}" "${{ secrets.PvsStudioKey }}"
|
||||
- name: Build
|
||||
run: pvs-studio-analyzer trace -- ./scripts/build.sh -c gcc -t debug
|
||||
- name: Analyze
|
||||
run: |
|
||||
set -xeu
|
||||
pvs-studio-analyzer analyze -o pvs-analysis.log -j "$(nproc)"
|
||||
plog-converter -a "64:1;OP:1,2,3;CS:1;MISRA:1,2" \
|
||||
-p "dosbox-staging" -v "${GITHUB_SHA:0:8}" -t "fullhtml" \
|
||||
-d "V1042" -o "pvs-analysis-report" "pvs-analysis.log"
|
||||
- name: Upload report
|
||||
uses: actions/upload-artifact@master
|
||||
with:
|
||||
name: pvs-analysis-report
|
||||
path: pvs-analysis-report
|
||||
|
||||
dynamic_matrix:
|
||||
name: ${{ matrix.compiler }} dynamic sanitizers
|
||||
needs: run_linters
|
||||
|
|
@ -101,5 +134,5 @@ jobs:
|
|||
- name: Upload logs
|
||||
uses: actions/upload-artifact@master
|
||||
with:
|
||||
name: ${{ matrix.compiler }}-logs
|
||||
name: ${{ matrix.compiler }}-sanitizer-logs
|
||||
path: ${{ matrix.compiler }}-logs
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue