Making analyzer warnings fatal

Hi everyone,

for the Julia source code, we have custom clang analyzer plugin that
validates certain GC invariants (GC frame management, making sure
values are rooted across safepoints, etc) in our runtime library [1].
We've now started running this on CI, but we noticed that newly
introduced errors don't actually cause the clang process to return a
non-zero exit code and are thus indistinguishable from a clean
analysis result. Is there a way to turn analyzer warnings into errors?
We tried `-Werror`, but that gets explicitly filtered when the
analyzer is used. There's probably something obvious we're missing,
but I didn't see anything even scanning through the source code.

Thanks,
Keno

[1] https://github.com/JuliaLang/julia/blob/master/src/clangsa/GCChecker.cpp

We have the scan-build --status-bugs flag for this purpose. I don't think we have such flag for invoking Clang directly, but that's not a reasonable user interface anyway.

Hmm, we don't use scan-build since we're invoking the analyzer as part
of the build system, so we can just directly pass it whatever the
right flags are, so the `clang --analyze` interface works just fine
for us. Shall I attempt a patch to make this possible? I figure we
could make something like `-Werror=analyzer` work without disrupting
anything else.

Thanks,
Keno

Just to tie a bow on this, in case somebody comes across this thread
later, on current clang trunk, you can now pass `-Xanalyzer
-analyzer-werror` and the warnings will be fatal, making it suitable
for use this way.

Keno