Mercurial > vim

view .github/workflows/coverity.yml @ 35238:f8623bd12e17

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
CI: disable -O2 for Coverity after v9.1.0429 Commit: https://github.com/vim/vim/commit/95ff39f8e3d5e16d4ef55f47d8f50da29df05f9e Author: Christian Brabandt <cb@256bit.org> Date: Wed May 22 07:53:23 2024 +0200 CI: disable -O2 for Coverity after v9.1.0429 gcc -O2 outputs this warning and turns it into an error when running Coverity action: ``` eval.c: In function ?echo_string_core?: cc1: warning: function may return address of local variable [-Wreturn-local-addr] eval.c:6495:12: note: declared here 6495 | char_u buf[MAX_FUNC_NAME_LEN]; | ^~~ ``` This seems to be a false positive, so disable -O2 for Coverity specifically. Signed-off-by: Christian Brabandt <cb@256bit.org>
author Christian Brabandt <cb@256bit.org>
date Wed, 22 May 2024 08:00:06 +0200
parents db65486d8d75
children
line wrap: on
line source

name: Coverity
on:
  schedule:
    - cron: '42 0 * * *'  # Run once per day, to avoid Coverity's submission limits
  workflow_dispatch:

permissions:
  contents: read # to fetch code (actions/checkout)

jobs:
  scan:
    runs-on: ubuntu-22.04

    env:
      CC: gcc
      DEBIAN_FRONTEND: noninteractive
      TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}

    steps:
      - name: Checkout repository from github
        if: env.TOKEN
        uses: actions/checkout@v4

      - name: Download Coverity
        if: env.TOKEN
        run: |
          wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=vim" -O coverity_tool.tgz
          mkdir cov-scan
          tar ax -f coverity_tool.tgz --strip-components=1 -C cov-scan

      - name: Install packages
        if: env.TOKEN
        run: |
          sudo apt-get update && sudo apt-get install -y \
            autoconf \
            gettext \
            libcanberra-dev \
            libperl-dev \
            python2-dev \
            python3-dev \
            liblua5.4-dev \
            lua5.4 \
            ruby-dev \
            tcl-dev \
            libgtk2.0-dev \
            desktop-file-utils \
            libtool-bin \
            libsodium-dev

      - name: Set up environment
        if: env.TOKEN
        run: |
          echo "$(pwd)/cov-scan/bin" >> $GITHUB_PATH
          (
          echo "NPROC=$(getconf _NPROCESSORS_ONLN)"
          echo "CONFOPT=--enable-perlinterp --enable-pythoninterp --enable-python3interp --enable-rubyinterp --enable-luainterp --enable-tclinterp"
          ) >> $GITHUB_ENV

      - name: Configure
        if: env.TOKEN
        run: |
          ./configure --with-features=huge ${CONFOPT} --enable-fail-if-missing
          # Append various warning flags to CFLAGS.
          sed -i -f ci/config.mk.sed src/auto/config.mk
          sed -i -f ci/config.mk.${CC}.sed src/auto/config.mk
          # -O2 gives false warning and turns it into an error:
          # warning: function may return address of local variable [-Wreturn-local-addr]
          sed -i 's/-O2 \?//' src/auto/config.mk

      - name: Build/scan vim
        if: env.TOKEN
        run: |
          cov-build --dir cov-int make -j${NPROC}

      - name: Submit results
        if: env.TOKEN
        run: |
          tar zcf cov-scan.tgz cov-int
          curl --form token=$TOKEN \
            --form email=$EMAIL \
            --form file=@cov-scan.tgz \
            --form version="$(git rev-parse HEAD)" \
            --form description="Automatic GHA scan" \
            'https://scan.coverity.com/builds?project=vim'
        env:
          EMAIL: ${{ secrets.COVERITY_SCAN_EMAIL }}