Not sure what this post has to do with Rust, but people do use static analysis on C and C++. The problem is that C and C++ are so flexible that retrofitting static verification after the fact becomes quite difficult.

Rust restricts the shape of program you are able to write so that it's possible to statically guarantee memory safety.

> Does it require annotations or can it validate any c code?

If you had clicked through you would see that it requires annotations.

> we don't even use static analysis and validators for c or C++

There is some use, how much I don't know. I guess it should be established best practice by now. Also run test suites with valgrind.

Historically many of the C/C++ static analyzers were proprietary. I haven't checked lately but I think Coverity was (is?) free for open source projects.

Today's experts are the novices of 40 years ago, and today's novices will be the experts in 40 years.

C and C++ don't require static analysis, and it's difficult to set up, and so most of us slide down the incentive gradient of using C / C++ without any helpers except CMake and gdb.

Rust requires it, so the noobies use it, so in 40 years the experts will accept it.