chore: add scheduled nightly build with AddressSanitizer (ASAN) #656 - done

[Vansh0Sharma]

What problem does this PR solve?

Issue Number: close #656

Type of Change

• 🐛 Bug fix (non-breaking change which fixes an issue)
• ✨ New feature (non-breaking change which adds functionality)
• 🚀 Performance improvement (optimization)
• ⚠️ Breaking change (fix or feature that would cause existing functionality to change)
• 🔨 Refactoring (no logic changes)
• 🔧 Build/CI or Infrastructure changes
• 📝 Documentation only

Description

Overview

This PR introduces a scheduled GitHub Actions workflow that automatically builds Bolt and executes its unit tests with AddressSanitizer (ASAN) enabled.

The "Why" (Motivation)

AddressSanitizer is exceptional at exposing critical, silent memory bugs—such as use-after-free, buffer overflows, and memory leaks—before they manifest as erratic segmentation faults in production. However, because ASAN instrumentation causes a substantial 2x to 5x performance and compilation time penalty, running it inline on every single Pull Request would severely throttle developer cycles and exhaust shared CI runner minutes.

Implementing this validation layer as a nightly cron job ensures continuous security auditing and engine stability without impacting day-to-day developer workflows. It acts as a safety barrier to prevent hidden runtime memory corruption from sliding into upstream distributed analytical systems like Apache Spark or Gluten.

The "How" (Implementation Details)

• Workflow Creation: Added .github/workflows/asan_scheduled_test.yml.
• Automation Trigger: Scheduled to run every night at 12:00 AM UTC via a cron expression, with a workflow_dispatch fallback to support manual validation by project maintainers directly from the UI.
• ASAN Injection: Injected -fsanitize=address and -fno-omit-frame-pointer flags into CXXFLAGS and LDFLAGS during the backend compilation process to force complete pointer boundary auditing.
• Dependency Optimization: Integrated actions/cache@v4 on the ~/.conan2 local path to keep dependency resolution times lightweight across recurring nightly executions.
• Automated Triage Escalation: Appended an if: failure() intercept module via an issue-bot. If a memory leak or crash occurs during compilation or testing, the system instantly logs a dedicated tracking issue on the repository and tags maintainers for swift triage.

Performance Impact

• No Impact: This change does not affect the critical path (e.g., build system, doc, error handling).
• Positive Impact: I have run benchmarks.
• Negative Impact: Explained below (e.g., trade-off for correctness).

Release Note

Release Note:

Chore: Added a scheduled nightly CI workflow to build and run unit tests with AddressSanitizer (ASAN) enabled to capture silent memory corruptions.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

---

VANSH SHARMA seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}