Now that VS has code analysis available even for the people in the cheap seats, I’ve been banging around on it. And code analysis in general just has major drawbacks that C++ should in some way try to address in order to make it the tool it should be. I’ve some limited experience with PC-lint and it has many of the same issues. Maybe I’m out of the loop on some of this and complaining about things that are already taken care of. That wouldn’t be unusual.
For one, it’s a huge mess if you are doing cross platform development. Assuming you are using compiler/native tools supplied stuff (because you can’t afford or don’t want to use a heavy weight thing like PC-lint), if you need to suppress warnings, they’d all be different on different platform compilers. That makes it almost a necessity to only do analysis on one of them and use its suppression mechanisms. The creation of at least some core set of common, general language oriented warning codes that can be widely used would be enormously helpful. Clearly that could be done, leaving of course the ability to have platform/product specific ones as well.