Clang memory sanitizer needs all linked libraries (including STL) to be
compiled with msan option, otherwise analysis results are practically
unusable.
GCC undefined behaviour sanitizer analysis is already covered by build
running UASAN (undefined behaviour and address sanitizers).
Our macOS release builds are limited to Catalina only, and this OS
officially works only on Ivy Bridge (2012) or newer microarchitecture.
Point GCC to target Nehalen (2008) instead - this should cover also all
possible Hackintoshes or virtual machines.
This commit:
- Adds a separate analysis run against the MIRSA (Motor Industry
Software Reliability Association) criteria, which is extremely
thorough. This tally is not summarized or considered fatal to the
workflow. It runs virtually instantly, and the results are very
interesting; however are too numerous to include in our general
analysis (ie: over 13,000 issues).
- Changes the PVS summary script output to a tally-per-file instead
of trying to summarize the nature of the issue, which was mostly
unhelpful without the full text.
- Adds the full list of possible supressible issue to the report
directory, so if further suppressions are needed then these will be
easy to find and use.
- Adds one dr_flac suppression per the resolution here:
mackron/dr_libs#117
Adds a `--disable-opus-cdda` flag that explicitly disables support
for Ogg Opus CDDA tracks and in turn avoid the need for the Opus package
dependencies such as the opusfile, opus, and ogg libraries.
This feature does not alter the default operation of ./configure, which
is to enable Opus CDDA support and quit if the Opus dependency package,
opusfile, is not found. The user can then choose to either a) install
the package or b) explicitly disable Opus support.
This commit also includes:
- fixes for a double-free in the MP3 close routine that
was discovered during testing
- a message if a CD audio track cannot be added during CDROM
mounting (such as attempting to use Opus tracks when the binary
does not support them).
- the --disable-opus-cdda flag in our config heavy workflow
Problem with libpng12/libpng16 strikes again - Steam Runtime is missing
libpng16, so users who want to test dosbox-staging via Steam are not
able to start it.
This is the only library, that needs to be disabled - all other
dependencies are included in Steam Runtime and work fine.
The commit-check step run a bash script however its `shell:`
directive was unset, meaning that under Windows the script
would be executed by PowerShell. This commit fixes this by
explicitly setting `shell: bash`.
The commit switches from installing gcc or clang under Windows to
simply always installing clang (which also installs gcc as a dependency).
This ensures that cache's produced from a gcc-specific builds will
be compatible with clang builds.
PVS-Studio is a tool for detecting bugs and security weaknesses in the
source code of programs, written in C, C++, C# and Java. It works under
64-bit systems in Windows, Linux and macOS environments, and can analyze
source code intended for 32-bit, 64-bit and embedded ARM platforms.
https://www.viva64.com/en/pvs-studio/
It's very easy to setup and run headless on Linux; although on Windows I
couldn't find instruction describing how to automate the install.
It quickly generates a relatively unique set of issues versus those
reported by Clang's and Coverity's checkers, so it's valuable in that
regard.
Output can be customized in various formats (stdout, gcc-error format,
or HTML), and it produces a nice summary of results that (for a later PR)
we can capture and compare against a maximum warning count similar
to our other checkers.
This PR generates a full HTML report with embedded source snippets,
which are uploaded as a zipped asset.
GitHub's ongoing issue of limitting the cache size has recently
been fixed (https://github.com/actions/cache/issues/6), so this
PR create a combined Clang+GCC cache for separate 32-bit and 64-bit
architectures under Windows.
Also re-order to perform shellcheck first because it
requires the least installation work compared to pylint
and markdownlint. The reason being if we're going to fail
during shellcheck, then we fail faster (and leave heavier
tasks for further down the line).
With SDL2 in place, the silent dependency on libpng12 on Ubuntu 16.04 is
now gone. Unfortunately, development packages for libpng16 are named
differently for Ubuntu 16.04 and 18.04, so we can't add new package to
the global list.
