On 9/29/17, Jens Alfke <j...@mooseyard.com> wrote: > > it’s not a good idea to walk into a community and > immediately tell everyone that they’re doing things the wrong way
It's worse than that. The very first sentence we heard from Mr. Razumovsky was an imperative: "Remove warnings!". And though he did at least say "Please", starting out with a command is not the most endearing way to enter a community. We have yet to learn who Mr. Razumovsky is, or why he feels it is so urgent that we spend weeks of time churning the SQLite code (and likely introducing bugs) to silence a bunch of harmless warnings. The "Power Of 10" webpage appears to be a distillation of the MISRA C guidelines. The "maximum warnings enabled" rule is number 10. It is worth pointing out that SQLite fails the other 9 rules too, some of them spectacularly. For example, sqlite3.c contains 818 goto statements. And the function that implements the byte-code engine is over 121 printed pages long. I studied MISRA C in detail a decade or so ago and I was not impressed. MISRA seems focused on improving quality by imposing stylistic guidelines. All the MISRA guidelines seems to be created with an eye toward being able to verify them at compile-time. MISRA is concerned with how long your functions are, and how many assert() and goto statements you use, whereas I think it is more important to focus on getting the correct answer. DO-178B puts more emphasis on run-time verification, which is why I prefer using it over MISRA. This statement is still true: More bugs have been introduced into SQLite trying to silence compiler warnings than compiler warnings have found. -- D. Richard Hipp d...@sqlite.org _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
