Static analyzer gives no warnings in #included *.c files

Ping.
Is this by design or a bug?

$ cat foo.c
int foo( void ) {
   int x;
   if ( x ) return 1; /* uninitialized */
   return 0;
}

$ cat main.c
#include "foo.c" /* ignored by static analyzer? */
int main( void ) {
   return 0;
}

$ clang main.c --analyze
$ clang --version
clang version 3.1 (trunk 148340)

Analysis of main.c is defective. Explicit analysis of foo.c does give a warning.

$ clang foo.c --analyze
foo.c:3:10: warning: Branch condition evaluates to a garbage value
   if ( x ) return 1; /* uninitialized */
        ^
1 warning generated.

Robert P.

This is a heuristic. The idea is that code included from headers should not be analyzed since it is repeatedly included. This heuristic is not optimal, and certainly could be relaxed for included files that are not headers. Moreover, we are experimenting with basic IPA, and if a function within the header is called by code within the main source file then that code will be analyzed in that case.

For this specific case, I think it is worth filing a PR.

This is a heuristic. The idea is that code included from headers should not be analyzed since it is repeatedly included. This heuristic is not optimal, and certainly could be relaxed for included files that are not headers.

Even that relaxation seems really pessimistic. There would still be no
way to validate anything in headers... (is the expectation that the
user should pass the header itself to the static analyzer explicitly
for analysis?)

Moreover, we are experimenting with basic IPA, and if a function within the header is called by code within the main source file then that code will be analyzed in that case.

That would help - but still I'm surprised at the pessimism of not
checking anything in headers. Duplicate diagnostics from analyzing two
files that include the same header still seem more valuable than
getting nothing from either.

- David

It's a performance optimization that isn't trivial. Headers can contain a lot of code. Moreover, some users don't want to see warnings in headers if it involves code they didn't write and they can't change. The heuristic isn't ideal, and certainly we could do better.