Bugs such as allocations returning NULL pointers without checks, memory leaks, duplicate memory frees and uninitialized variables are easy to find with static analyzers and generally require just one- or two-line fixes.
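As an added illustration (not code from the kernel or from the original post), the C below shows the four defect classes named above, with each small fix marked in a comment. `struct record`, `record_new` and `record_free` are hypothetical names constructed for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical record type, constructed for this example. */
struct record {
    char *name;
    int   id;
};

/* Returns a new record, or NULL on failure. Each marked line is the
 * small fix for one defect class a static analyzer reports. */
struct record *record_new(const char *name, int id)
{
    size_t len = strlen(name) + 1;
    struct record *r = malloc(sizeof(*r));

    if (r == NULL)              /* fix: allocation result was not checked */
        return NULL;

    r->id = id;                 /* fix: field was left uninitialized */
    r->name = malloc(len);
    if (r->name == NULL) {
        free(r);                /* fix: r leaked on this error path */
        return NULL;
    }
    memcpy(r->name, name, len);
    return r;
}

/* Frees a record and clears the caller's pointer, so a repeated
 * call becomes a no-op instead of a duplicate free. */
void record_free(struct record **rp)
{
    if (rp == NULL || *rp == NULL)
        return;
    free((*rp)->name);
    free(*rp);
    *rp = NULL;                 /* fix: stale pointer allowed a second free */
}

int main(void)
{
    struct record *r = record_new("eth0", 7);   /* constructed sample input */
    if (r == NULL)
        return 1;
    printf("%s %d\n", r->name, r->id);
    record_free(&r);
    record_free(&r);            /* safe: r is NULL after the first call */
    return 0;
}
```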
So what are the overall trends like?
which GCC handles as byte sized but is not legal C), and these are slowly increasing over time. Note that there is some variation in the results as I use the latest versions of cppcheck, and occasionally it finds a lot of false positives and then this gets fixed in later versions of cppcheck.
Compared to the growth in kernel size, the overall warning and error message trends from cppcheck aren't so bad, considering the kernel has grown by nearly 11% over the time I have been running the static analysis.
[Figure: Kernel source growth over time]
It would be interesting to run this analysis on commercial static analyzers such as Coverity and see how the stats compare. As it stands, cppcheck is doing its bit in detecting errors and helping engineers to improve code quality.