feat(cpp-phase2): PR-05 transitive-include fallback for C resolver

[shivasurya]

Summary

Single-fix follow-up to PR-04 — ports the transitive-include fallback (already shipped on the C++ resolver) to the C resolver. Stacked on PR-04; should merge after.

What's in here

lookupCStdlib now runs in two stages instead of one:

1. Direct system includes — existing fast path: walk the caller file's own #include <…> list.
2. Manifest-wide fallback — when the direct walk doesn't yield a hit, scan every header in the loaded manifest. First hit wins.

Bounded to the manifest's loaded headers, so symbols not in the manifest can never bind. Stdlib symbols are uniquely owned by one header in the real world, so first-hit-wins is effectively the same as best-match.

Why this matters

Real C codebases route stdlib pulls through a project-internal header. Redis is the canonical example:

// src/server.h
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <pthread.h>
// ... etc

// every other .c file
#include "server.h"     // <-- pulls everything transitively

PR-02's resolver only walked DIRECT system includes, so when redis-cli.c called strlen it never looked in <string.h> because the include chain was indirect. The fix lets the resolver fall back to the full manifest when direct lookup misses — same shape PR-04 already shipped on the C++ side.

The C-fallthrough in the C++ builder also benefits — .cpp files calling printf / malloc / memcpy route through this code path.

Validation

Project	PR-04 baseline	PR-05 result	Δ
smoke fixture (testdata/c/stdlib)	100%	100%	— (regression check)
redis full tree	63.1%	67.8%	+4.7 pp
proxygen full tree	17.1%	25.4%	+8.3 pp (via C-fallthrough)

Top redis unresolveds before this fix that now resolve: strcasecmp (952), memcpy (146), strlen (136), snprintf (128), strerror (119), memset (114), exit (104), strerror, malloc/free, pthread_mutex_*, ntohs/htons.

Verification

• gradle buildGo — clean
• go test ./... — all packages pass
• golangci-lint run ./... — 0 issues

Test plan

• CI green
• Verify redis manual scan reaches ≥67% with this change
• No regression on PR-04's proxygen std::move resolution

Related

Continues the gap analysis posted on #682. The remaining uplift (proxygen → ~30%) needs receiver-type inference for STL container methods (vec.size(), str.empty()) — separate, larger effort.

🤖 Generated with Claude Code

[safedep]

SafeDep Report Summary

No dependency changes detected. Nothing to scan.

View complete scan results →

_{This report is generated by SafeDep Github App}

[github-actions]

Code Pathfinder Security Scan

No security issues detected.

Metric	Value
Files Scanned	2
Rules	205

---

_{Powered by Code Pathfinder}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 85.69%. Comparing base (f0bfd81) to head (8f4b90a).

Additional details and impacted files

@@                            Coverage Diff                            @@
##           shiva/cpp-phase2-pr04-resolution-quality     #683   +/-   ##
=========================================================================
  Coverage                                     85.68%   85.69%           
=========================================================================
  Files                                           203      203           
  Lines                                         29209    29212    +3     
=========================================================================
+ Hits                                          25029    25032    +3     
  Misses                                         3207     3207           
  Partials                                        973      973           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.