diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 87d67bc7d5c695..952cba7caa9a1b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -13,22 +13,8 @@ permissions: actions: read jobs: - init-comment: - if: github.event_name == 'pull_request' - runs-on: ubuntu-latest - steps: - - uses: marocchino/sticky-pull-request-comment@v2 - with: - header: kernel-warnings - message: | - ### 🚀 Kernel Build Started - _Builds are running... detailed status below:_ - | Job | Status | - | :--- | :--- | - build: - needs: init-comment - if: always() && (needs.init-comment.result == 'success' || needs.init-comment.result == 'skipped') + if: always() name: Build ${{ matrix.arch }} ${{ matrix.compiler }} ${{ matrix.config }} runs-on: ubuntu-latest container: @@ -41,12 +27,22 @@ jobs: arch: [ riscv64, aarch64 ] compiler: [ llvm-18, gcc ] config: [ defconfig ] + install_compiler: [ true ] include: - arch: morello compiler: llvm-morello config: morello_pcuabi_defconfig container: docker.io/ctsrd/morello-sdk:latest - + install_compiler: false + - arch: riscv64cheri + compiler: llvm-cheri + config: qemu_riscv64cheripc_defconfig + container: docker.io/chrehrhardt/riscvcheri-ubuntu-llvm18:latest + install_compiler: false + - arch: x86_32 + compiler: gcc + config: i386_defconfig + install_compiler: true steps: # Install node.js in the docker container to allow testing this action with `gh act` locally. # This is not needed in real GitHub action runs, so limit this to env.ACT being set. @@ -68,11 +64,11 @@ jobs: shell: bash run: | sudo apt-get update - packages=(build-essential bc bison flex libelf-dev libssl-dev) + packages=(build-essential bc bison flex libelf-dev libssl-dev ccache) if [[ "${{ matrix.compiler }}" == llvm* ]]; then VER=${{ matrix.compiler }} VER=${VER#llvm-} - if [[ "${{ matrix.compiler }}" != llvm-morello ]]; then + if [[ "${{ matrix.install_compiler }}" == "true" ]]; then packages+=(clang-$VER lld-$VER llvm-$VER) fi elif [ "${{ matrix.compiler }}" == "gcc" ]; then @@ -109,18 +105,11 @@ jobs: echo "url=$JOB_URL" >> "$GITHUB_OUTPUT" echo "build_step_num=$BUILD_STEP_NUM" >> "$GITHUB_OUTPUT" - - name: Notify Job Start - if: github.event_name == 'pull_request' - uses: marocchino/sticky-pull-request-comment@v2 - with: - header: kernel-warnings - append: true - message: "| ${{ matrix.arch }} ${{ matrix.compiler }} | ⏳ [In Progress](${{ steps.job-link.outputs.url }}) |" - - name: Setup Ccache uses: hendrikmuhs/ccache-action@v1.2 with: key: kbuild-${{ matrix.arch }}-${{ matrix.compiler }} + max-size: 2G - name: Build Kernel shell: bash @@ -131,6 +120,8 @@ jobs: # Set pipefail to fail if make fails, otherwise any error is squashed set -o pipefail ARGS="" + TARGETS="all" + CCACHE="" if [ "${{ matrix.arch }}" = "aarch64" ]; then ARGS="$ARGS ARCH=arm64" CROSS="aarch64-linux-gnu-" @@ -139,19 +130,46 @@ jobs: CROSS="riscv64-linux-gnu-" elif [ "${{ matrix.arch }}" = "morello" ]; then ARGS="$ARGS ARCH=arm64" + elif [ "${{ matrix.arch }}" = "riscv64cheri" ]; then + ARGS="$ARGS ARCH=riscv" + TARGETS="${TARGETS} compile_commands.json" fi if [[ "${{ matrix.compiler }}" == "llvm-morello" ]]; then # The docker image does not have gcc installed, use Morello clang as the host compiler. - ARGS="$ARGS LLVM=$(dirname $(which clang))/ HOSTCC=clang HOSTCXX=clang++" + + LLVM="$(dirname $(which clang))" + CCACHE="ccache $LLVM/clang" + ARGS="$ARGS LLVM=$LLVM/ HOSTCC=clang HOSTCXX=clang++" elif [[ "${{ matrix.compiler }}" == llvm* ]]; then - ARGS="$ARGS LLVM=/usr/lib/${{ matrix.compiler }}/bin/ CROSS_COMPILE=$CROSS" + LLVM=/usr/lib/${{ matrix.compiler }}/bin + CCACHE="ccache $LLVM/clang" + ARGS="$ARGS LLVM=$LLVM/ CROSS_COMPILE=$CROSS" else ARGS="$ARGS CROSS_COMPILE=$CROSS" + CCACHE="ccache ${CROSS}gcc" fi make $ARGS O=build ${{ matrix.config }} # Pipe output to tee so we can see it and save it for counting warnings - make $ARGS O=build -j$(nproc) 2>&1 | tee build.log + make $ARGS CC="$CCACHE" O=build -j$(nproc) ${TARGETS} 2>&1 | tee build.log + + - name: Run clang-tidy + if: matrix.compiler == 'llvm-cheri' + shell: bash + run: | + set -o pipefail + grep "file.:.*\.c.$" build/compile_commands.json | \ + sed 's/.*file.:..//; s/.$//' | \ + xargs -n $(nproc) -P 12 -- /usr/lib/llvm-cheri/bin/clang-tidy \ + --checks='-*,cheri-PtrToIntCast' \ + --header-filter='.*' \ + --system-headers \ + -p build 2>&1 | tee tidy.log + echo "CHECKING clang-tidy messages" + if egrep "(warning|error):" tidy.log; then + echo "ERROR: Unexpected clang-tidy warnings" + false # Fail + fi - name: Process Logs (Errors & Warnings) if: always() @@ -160,15 +178,16 @@ jobs: GH_TOKEN: ${{ github.token }} JOB_NAME: "Build ${{ matrix.arch }} ${{ matrix.compiler }} ${{ matrix.config }}" run: | + touch tidy.log echo "::group::📝 Build Issues (Errors & Warnings)" - if grep -iE "warning:|error:" build.log; then + if grep -iE "warning:|error:" build.log tidy.log; then echo "--------------------------------------------------" echo "Full list above." else echo "🎉 Clean build - No warnings or errors found." fi echo "::endgroup::" - COUNT=$(grep -c -i "warning:" build.log || true) + COUNT=$(grep -c -i "warning:" build.log tidy.log || true) OUTCOME="${{ steps.kbuild.outcome }}" FULL_LINK="${{ steps.job-link.outputs.url }}#step:${{ steps.job-link.outputs.build_step_num }}:1" COUNT_CLEAN=$(echo $COUNT | xargs) @@ -188,41 +207,3 @@ jobs: name: warnings-${{ matrix.arch }}-${{ matrix.compiler }}-${{ matrix.config }} path: "warnings-${{ matrix.arch }}-${{ matrix.compiler }}.txt" - report-warnings: - needs: build - if: always() && github.event_name == 'pull_request' - runs-on: ubuntu-latest - permissions: - pull-requests: write - steps: - - name: Download Warning Artifacts - uses: actions/download-artifact@v4 - with: - pattern: warnings-* - merge-multiple: true - path: warnings - - - name: Generate Summary Markdown - run: | - echo "### 🛡️ Kernel Build Warnings Report" > comment.md - echo "" >> comment.md - echo "| Arch | Compiler | Warnings | Status |" >> comment.md - echo "| :--- | :--- | :---: | :---: |" >> comment.md - # Sort by Arch (col 2), then Compiler Version (col 3) - # -k 2,2b : sort 2nd column, ignore leading whitespace - # -k 3,3Vb: sort 3rd column, Version sort, ignore whitespace - cat warnings/*.txt | sort -t '|' -k 2,2b -k 3,3Vb >> comment.md - if grep -q "❌" warnings/*.txt; then - echo "" >> comment.md - echo "❌ **One or more builds failed.**" >> comment.md - fi - # Use awk to find '[**NUMBER**]' and sum up the values (m[1]) - TOTAL=$(awk -F'|' 'match($4, /\[\*\*([0-9]+)\*\*\]/, m) { sum += m[1] } END { print sum+0 }' warnings/*.txt) - echo "" >> comment.md - echo "**Total Warnings: $TOTAL**" >> comment.md - - - name: Post Sticky Comment - uses: marocchino/sticky-pull-request-comment@v2 - with: - header: kernel-warnings - path: comment.md