Narrow scan-build checkers to those that have an acceptably low false positive rate.
Our scan-build.sh script was written to use as many checkers as possible. But the false positive rate is unacceptably high -- to the point that we haven't routinized its use. We should instead try to get the false positive rate to the point where we are willing to run it daily and actually look at its output.