Enable Clang sanitizers in Linux/Clang CI pipeline

tautschnig · tautschnig · commit 869c8c630715 · 2025-11-26T10:03:06.000Z
Adds a dedicated CI job that runs unit and regression tests on Ubuntu 24.04 after compiling with Clang's sanitizers. Enables address sanitizer (buffer overflow, use-after-free, use-after-return, double-free), memory leak sanitizer, and undefined-behavior sanitizer (integer overflow). - [AddressSanitizer Documentation](https://clang.llvm.org/docs/AddressSanitizer.html) - [LeakSanitizer Documentation](https://clang.llvm.org/docs/LeakSanitizer.html) - [UndefinedBehaviorSanitizer Documentation](https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html) Fixes: #832
diff --git a/.github/workflows/clang-sanitizer.yaml b/.github/workflows/clang-sanitizer.yaml
@@ -0,0 +1,92 @@
+name: Clang Sanitizer
+on:
+  push:
+    branches: [ develop ]
+  pull_request:
+    branches: [ develop ]
+env:
+  cvc5-version: "1.2.1"
+  linux-vcpus: 4
+
+jobs:
+  # This job takes approximately X to Y minutes
+  clang-asan-ubuntu-24_04-make:
+    runs-on: ubuntu-24.04
+    env:
+      CC: "ccache /usr/bin/clang"
+      CXX: "ccache /usr/bin/clang++"
+      # AddressSanitizer configuration for optimal CI performance
+      ASAN_OPTIONS: "abort_on_error=1:fast_unwind_on_malloc=0:detect_odr_violation=0:detect_leaks=1"
+      # - `abort_on_error=1`: Terminate immediately on error
+      # - `fast_unwind_on_malloc=0`: Use slower but more accurate stack unwinding
+      # - `detect_odr_violation=0`: Disable One Definition Rule violation detection to reduce noise
+      # - `detect_leaks=1`: Enable leak detection
+      UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1"
+      # - `print_stacktrace=1`: Show stack traces for undefined behavior
+      # - `halt_on_error=1`: Terminate on undefined behavior
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          submodules: recursive
+      - name: Fetch dependencies
+        env:
+          DEBIAN_FRONTEND: noninteractive
+        run: |
+          sudo apt-get update
+          sudo apt-get install --no-install-recommends -yq clang-19 clang++-19 gdb maven jq flex bison libxml2-utils ccache z3
+          make -C src minisat2-download
+      - name: Confirm z3 solver is available and log the version installed
+        run: z3 --version
+      - name: Download cvc-5 from the releases page and make sure it can be deployed
+        run: |
+          wget https://github.com/cvc5/cvc5/releases/download/cvc5-${{env.cvc5-version}}/cvc5-Linux-x86_64-static.zip
+          unzip -j -d /usr/local/bin cvc5-Linux-x86_64-static.zip cvc5-Linux-x86_64-static/bin/cvc5
+          rm cvc5-Linux-x86_64-static.zip
+          cvc5 --version
+      - name: Prepare ccache
+        uses: actions/cache@v4
+        with:
+          save-always: true
+          path: .ccache
+          key: ${{ runner.os }}-24.04-make-clang-asan-${{ github.ref }}-${{ github.sha }}-PR
+          restore-keys: |
+            ${{ runner.os }}-24.04-make-clang-asan-${{ github.ref }}
+            ${{ runner.os }}-24.04-make-clang-asan
+      - name: ccache environment
+        run: |
+          echo "CCACHE_BASEDIR=$PWD" >> $GITHUB_ENV
+          echo "CCACHE_DIR=$PWD/.ccache" >> $GITHUB_ENV
+      - name: Zero ccache stats and limit in size
+        run: ccache -z --max-size=500M
+      - name: Build with AddressSanitizer and LeakSanitizer
+        run: |
+          # Build with sanitizers enabled - using -O1 for reasonable performance
+          # -fsanitize=address: detects buffer overflows, use-after-free, etc.
+          # -fsanitize=leak: detects memory leaks
+          # -fsanitize=undefined: detects undefined behavior
+          # -fno-sanitize-recover=all: abort on first error for faster feedback
+          # -g: include debug symbols for better error reporting
+          export SANITIZER_FLAGS="-fsanitize=address -fsanitize=leak -fsanitize=undefined -fno-sanitize-recover=all -g -O1"
+          make -C src -j${{env.linux-vcpus}} \
+            CXXFLAGS="$SANITIZER_FLAGS" \
+            LINKFLAGS="$SANITIZER_FLAGS" \
+            MINISAT2=../../minisat-2.2.1
+          make -C unit -j${{env.linux-vcpus}} \
+            CXXFLAGS="$SANITIZER_FLAGS" \
+            LINKFLAGS="$SANITIZER_FLAGS"
+      - name: Print ccache stats
+        run: ccache -s
+      - name: Run unit tests
+        run: |
+          make -C unit test
+          make -C jbmc/unit test
+          echo "Running expected failure tests"
+          make TAGS="[!shouldfail]" -C unit test
+          make TAGS="[!shouldfail]" -C jbmc/unit test
+      - name: Run regression tests
+        run: |
+          export PATH=$PATH:`pwd`/src/solvers
+          make -C regression test-parallel JOBS=${{env.linux-vcpus}}
+          make -C regression/cbmc test-paths-lifo
+          make -C regression/cbmc test-cprover-smt2
+          make -C jbmc/regression test-parallel JOBS=${{env.linux-vcpus}}
