CI: Add smatch static analysis workflow

Smatch is an actively maintained kernel-aware static analyzer for C with a low false positive rate. Since the code checker can be run relatively quickly against the entire OpenZFS code base (15 min) it makes sense to add it as a GitHub Actions workflow. Today smatch reports a significant numbers warnings so the workflow is configured to always pass as long as the analysis was run. The results are available for reference. Long term it would ideal to resolve all of the errors/warnings at which point the workflow can be updated to fail when new problems are detected. Reviewed-by: Tony Hutter <hutter2@llnl.gov> Reviewed-by: Toomas Soome <tsoome@me.com> Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov> Closes #17935
2026-01-14 01:02:04 +03:00 · 2025-11-17 14:33:40 -06:00 · 2025-11-17 14:33:40 -06:00 · d06ebddee4
commit d06ebddee4
parent 040c533280
1 changed files with 52 additions and 0 deletions
--- a/.github/workflows/smatch.yml
+++ b/.github/workflows/smatch.yml
@ -0,0 +1,52 @@
+name: smatch
+
+on:
+  push:
+  pull_request:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+jobs:
+  smatch:
+    runs-on: ubuntu-24.04
+    steps:
+    - name: Checkout smatch
+      uses: actions/checkout@v4
+      with:
+        repository: error27/smatch
+        ref: master
+        path: smatch
+    - name: Install smatch dependencies
+      run: |
+        sudo apt-get install -y llvm gcc make sqlite3 libsqlite3-dev libdbd-sqlite3-perl libssl-dev libtry-tiny-perl
+    - name: Make smatch
+      run: |
+        cd $GITHUB_WORKSPACE/smatch
+        make -j$(nproc)
+    - name: Checkout OpenZFS
+      uses: actions/checkout@v4
+      with:
+        ref: ${{ github.event.pull_request.head.sha }}
+        path: zfs
+    - name: Install OpenZFS dependencies
+      run: |
+        cd $GITHUB_WORKSPACE/zfs
+        sudo apt-get purge -y snapd google-chrome-stable firefox
+        ONLY_DEPS=1 .github/workflows/scripts/qemu-3-deps-vm.sh ubuntu24
+    - name: Autogen.sh OpenZFS
+      run: |
+        cd $GITHUB_WORKSPACE/zfs
+        ./autogen.sh
+    - name: Configure OpenZFS
+      run: |
+        cd $GITHUB_WORKSPACE/zfs
+        ./configure --enable-debug
+    - name: Make OpenZFS
+      run: |
+        cd $GITHUB_WORKSPACE/zfs
+        make -j$(nproc) CHECK="$GITHUB_WORKSPACE/smatch/smatch" CC=$GITHUB_WORKSPACE/smatch/cgcc | tee $GITHUB_WORKSPACE/smatch.log
+    - name: Smatch results log
+      run: |
+        grep -E 'error:|warn:|warning:' $GITHUB_WORKSPACE/smatch.log