There are rules based on symbolic execution, including ones related to security - e.g. RSPEC-5782.
However symbolic execution currently is not performed for compilation units with parsing errors.
To best of our (CFamily bubble) knowledge, this is protection implemented in Clang against crashes of symbolic execution on incorrect/incomplete AST.
build-wrapper enforces that user code is compiled, but while actually being Clang our analyzer pretends to be an original compiler used by a user, so parsing errors arise and mostly inside system headers (e.g. due to use of compiler-specific built-in functions) in parts of AST not even necessarily reachable by symbolic execution.
To improve results of an analysis of user code, symbolic execution should be performed even in presence of parsing errors.
Patch Clang to run symbolic execution with crash recovery in the presence of parsing errors.