Skip to content
CI Checks

Bump CBMC version to 5.95.1 #692

Sign in to view logs

Bump CBMC version to 5.95.1

Bump CBMC version to 5.95.1 #692

Workflow file for this run

.github/workflows/ci.yml at 47fa69e
name: CI Checks
on:
push:
branches: ["**"]
pull_request:
branches: [main]
workflow_dispatch:
jobs:
build-check:
runs-on: ubuntu-latest
steps:
- name: Clone This Repo
uses: actions/checkout@v3
- name: Build Library in Debug mode
run: |
cmake -S test -B build/ \
-G "Unix Makefiles" \
-DCMAKE_BUILD_TYPE=Debug \
-DCMAKE_C_FLAGS='-O0 -Wall -Wextra -Werror -Wformat -Wformat-security -Warray-bounds'
make -C build/ coverity_analysis -j8
- name: Build Library in Release mode
run: |
rm -rf ./build
cmake -S test -B build/ -G "Unix Makefiles" \
-DCMAKE_BUILD_TYPE=Release \
-DCMAKE_C_FLAGS='-Wall -Wextra -Werror -DNDEBUG -Wformat -Wformat-security -Warray-bounds'
make -C build/ coverity_analysis -j8
build-code-example:
runs-on: ubuntu-latest
steps:
- name: Clone This Repo
uses: actions/checkout@v3
- name: Build Code Example used in Doxygen
run: |
cmake -S test -B Build -DBUILD_CODE_EXAMPLE=ON
make -C Build code_example_posix -j8
unittest-with-sanitizer:
runs-on: ubuntu-latest
steps:
- name: Clone This Repo
uses: actions/checkout@v3
- name: Build Library and Unit Tests with Sanitizer
run: |
CFLAGS="-O0 -Wall -Wexta -Werror"
CFLAGS+=" -D_FORTIFY_SOURCE=2"
CFLAGS+=" -Wformat"
CLFAGS+=" -Wformat-security"
CFLAGS+=" -Warray-bounds"
CFLAGS+=" -fsanitize=address,undefined"
CFLAGS+=" -fsanitize=pointer-compare -fsanitize=pointer-subtract"
CFLAGS+=" -fsanitize-recover=undefined"
CFLAGS+=" -fsanitize-address-use-after-scope"
CFLAGS+=" -fsanitize-undefined-trap-on-error"
CFLAGS=" -fstack-protector-all -DLOGGING_LEVEL_DEBUG=1"
cmake -S test -B build/ \
-G "Unix Makefiles" \
-DCMAKE_BUILD_TYPE=Debug \
-DUNITTEST=ON \
-DCMAKE_C_FLAGS="${CFLAGS}"
make -C build all -j8
- name: Run unit tests with sanitizer
run: |
cd build
ctest -E system --output-on-failure
cd ..
unittest-for-coverage:
runs-on: ubuntu-latest
steps:
- name: Clone This Repo
uses: actions/checkout@v3
- name: Build
run: |
sudo apt-get install -y lcov sed
# Build with logging enabled.
cmake -S test -B build/ \
-G "Unix Makefiles" \
-DCMAKE_BUILD_TYPE=Debug \
-DUNITTEST=ON \
-DCMAKE_C_FLAGS='--coverage -Wall -Wextra -Werror -DNDEBUG -Wno-error=pedantic -Wno-variadic-macros -DLOGGING_LEVEL_DEBUG=1'
make -C build/ all
- name: Test
run: |
cd build/
ctest -E system --output-on-failure
cd ..
- name: Run Coverage
run: |
make -C build/ coverage
declare -a EXCLUDE=("\*test\*" "\*CMakeCCompilerId\*" "\*mocks\*")
echo ${EXCLUDE[@]} | xargs lcov --rc lcov_branch_coverage=1 -r build/coverage.info -o build/coverage.info
lcov --rc lcov_branch_coverage=1 --list build/coverage.info
- name: Check Coverage
uses: FreeRTOS/CI-CD-Github-Actions/coverage-cop@main
with:
coverage-file: ./build/coverage.info
complexity:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Check complexity
uses: FreeRTOS/CI-CD-Github-Actions/complexity@main
with:
path: ./
spell-check:
runs-on: ubuntu-latest
steps:
- name: Clone This Repo
uses: actions/checkout@v3
- name: Run spellings check
uses: FreeRTOS/CI-CD-Github-Actions/spellings@main
with:
path: ./
formatting:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- name: Check formatting
uses: FreeRTOS/CI-CD-Github-Actions/formatting@main
with:
path: ./
exclude-dirs: .git
git-secrets:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Checkout awslabs/git-secrets
uses: actions/checkout@v3
with:
repository: awslabs/git-secrets
ref: master
path: git-secrets
- name: Install git-secrets
run: cd git-secrets && sudo make install && cd ..
- name: Run git-secrets
run: |
git-secrets --register-aws
git-secrets --scan
link-verifier:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Check Links
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
uses: FreeRTOS/CI-CD-Github-Actions/link-verifier@main
verify-manifest:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
submodules: true
fetch-depth: 0
# At time of writing the gitmodules are set not to pull
# Even when using fetch submodules. Need to run this command
# To force it to grab them.
- name: Perform Recursive Clone
shell: bash
run: git submodule update --checkout --init --recursive
- name: Run manifest verifier
uses: FreeRTOS/CI-CD-GitHub-Actions/manifest-verifier@main
with:
path: ./
fail-on-incorrect-version: true
doxygen:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run doxygen build
uses: FreeRTOS/CI-CD-Github-Actions/doxygen@main
with:
path: ./
memory_statistics:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install Python3
uses: actions/setup-python@v3
with:
python-version: "3.7.x"
- name: Measure sizes
uses: FreeRTOS/CI-CD-Github-Actions/memory_statistics@main
with:
config: .github/memory_statistics_config.json
check_against: docs/doxygen/include/size_table.md
proof_ci:
if: ${{ github.event.pull_request }} || ${{ github.event.workflow }}
runs-on: ubuntu-20.04
steps:
- name: Set up CBMC runner
uses: FreeRTOS/CI-CD-Github-Actions/set_up_cbmc_runner@main
with:
cbmc_version: "5.95.1"
cbmc_viewer_version: "latest"
- name: Run CBMC
uses: FreeRTOS/CI-CD-Github-Actions/run_cbmc@main
with:
proofs_dir: test/cbmc/proofs