Add support for GCC static analyzer and ASAN

Also enable the static analyzer in the linux build.

Author: imciner2

.github/workflows/ci.yml

@@ -13,12 +13,24 @@ jobs:
       matrix:
         os: [ubuntu-latest, macos-latest, windows-latest]
         include:
-          - os: ubuntu-latest
+          # Use 24.04 explicitly to get newer GCC version
+          - os: ubuntu-24.04
+            compiler: gcc
+            gcc: 14
+            extra_c_flags: "-fdiagnostics-format=sarif-file"
             coverage: ON
+            analysis: ON
+            asan: ON
           - os: macos-latest
+            extra_c_flags: ""
             coverage: OFF
+            analysis: OFF
+            asan: OFF
           - os: windows-latest
+            extra_c_flags: ""
             coverage: OFF
+            analysis: OFF
+            asan: OFF
 
     runs-on: ${{ matrix.os }}
 
@@ -34,7 +46,15 @@ jobs:
       - name: Configure
         shell: bash
         working-directory: ${{ runner.workspace }}/build
-        run: cmake --warn-uninitialized -DCMAKE_BUILD_TYPE=$BUILD_TYPE -DQDLDL_UNITTESTS=ON -DCOVERAGE=${{ matrix.coverage }} $GITHUB_WORKSPACE
+        run: |
+          cmake -S $GITHUB_WORKSPACE -B ${{ runner.workspace }}/build \
+          --warn-uninitialized \
+          -DCMAKE_BUILD_TYPE=$BUILD_TYPE \
+          -DQDLDL_UNITTESTS=ON \
+          -DQDLDL_DEV_COVERAGE=${{ matrix.coverage }} \
+          -DQDLDL_DEV_ANALYSIS=${{ matrix.analysis }} \
+          -DQDLDL_DEV_ASAN=${{ matrix.asan }} \
+          -DCMAKE_C_FLAGS=${{ matrix.extra_c_flags }}
 
       - name: Build
         shell: bash
@@ -62,6 +82,21 @@ jobs:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           path-to-lcov: '${{ runner.workspace }}/build/coverage.info'
 
+      - name: Merge diagnostics
+        if: ${{ matrix.analysis == 'ON' }}
+        uses: microsoft/[email protected]
+        with:
+          # Command to be sent to SARIF Multitool
+          command: 'merge ${{ runner.workspace }}/build/*.sarif --recurse true file.sarif --output-directory=${{ runner.workspace }}/build/ --output-file=gcc.sarif'
+
+      - name: Upload diagnostics
+        if: ${{ matrix.analysis == 'ON' }}
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          # Path to SARIF file relative to the root of the repository
+          sarif_file: ${{ runner.workspace }}/build/gcc.sarif
+          category: gcc
+
 
   test_configs:
     strategy:

CMakeLists.txt

@@ -10,6 +10,7 @@ set(QDLDL_VERSION "${QDLDL_VERSION_MAJOR}.${QDLDL_VERSION_MINOR}.${QDLDL_VERSION
 project(qdldl VERSION ${QDLDL_VERSION})
 
 include( CMakeDependentOption )
+include( CheckCXXCompilerFlag )
 
 option( QDLDL_BUILD_STATIC_LIB "Build the static library" ON )
 option( QDLDL_BUILD_SHARED_LIB "Build the shared library" ON )
@@ -24,6 +25,14 @@ cmake_dependent_option( QDLDL_UNITTESTS
                         OFF    # Default to off
                         QDLDL_BUILD_STATIC_LIB OFF ) # Force off if the static library isn't built
 
+# Dev options
+option( QDLDL_DEV_COVERAGE "Include coverage information in the library" OFF )
+option( QDLDL_DEV_ANALYSIS "Run the compiler static analysis checks" OFF )
+option( QDLDL_DEV_ASAN "Build with ASAN" OFF )
+
+mark_as_advanced( OSQP_DEV_COVERAGE )
+mark_as_advanced( OSQP_DEV_ANALYSIS )
+
 # Set the output folder where your program will be created
 set(EXECUTABLE_OUTPUT_PATH ${PROJECT_BINARY_DIR}/out)
 set(LIBRARY_OUTPUT_PATH ${PROJECT_BINARY_DIR}/out)
@@ -62,14 +71,35 @@ set(CMAKE_POSITION_INDEPENDENT_CODE ON)  # -fPIC
 # Add compiler options if we are not on windows
 if (NOT MSVC)
 
-    if (COVERAGE)
+    if (QDLDL_DEV_COVERAGE)
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --coverage")
 
 	      if(FORTRAN)
 		        set(CMAKE_FORTRAN_FLAGS "${CMAKE_FORTRAN_FLAGS} --coverage")
 	      endif(FORTRAN)
     endif()
 
+    if (QDLDL_DEV_ANALYSIS)
+        check_cxx_compiler_flag( "-fanalyzer" COMPILER_SUPPORTS_FANALYZER )
+
+        if( COMPILER_SUPPORTS_FANALYZER )
+            set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fanalyzer")
+
+            message( STATUS "Enabling -fanalyzer static analysis" )
+        endif()
+    endif()
+
+    if(OSQP_ASAN)
+        set( CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -g -fsanitize=address -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer" )
+        set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -g -D_GLIBCXX_SANITIZE_VECTOR -fsanitize=address -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer" )
+
+        # ASAN shouldn't be used with these options (https://github.com/google/sanitizers/wiki/AddressSanitizer#faq)
+        set( CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fno-stack-protector -U_FORTIFY_SOURCE" )
+        set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fno-stack-protector -U_FORTIFY_SOURCE" )
+
+        message( STATUS "Enabling ASAN" )
+    endif()
+
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O3")
     set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -O0 -g")
 endif (NOT MSVC)