On Wed, Jan 22, 2014 at 3:46 PM, Jeffrey Walton <[email protected]> wrote:
> Here are some results from Clang 3.3 and its scan-build engine on > sqlite-amalgamation32k-201401171527.zip. Its a pretty good analyzer > and it keeps getting better. > Thank you for sending us all the Clang warnings. We do run SQLite through scan-build and with -fsanitize=undefined (among countless other tests, http://www.sqlite.org/checklists/3080200/index) prior to every release. But for 3.8.0, we used Clang 3.0. It looks like Clang 3.3 will be vexing us with a whole new fresh crop of warnings. Static analysis has not be helpful, historically, in locating bugs in SQLite. See http://www.sqlite.org/testing.html#staticanalysis for further discussion on this. We've actually created more bugs trying to deal with warnings from static analyzers that static analyzers have found in the first place. So compiler warnings and static analysizers have been a net-loss for SQLite. It is an even greater loss when you realize that the considerable time we spend trying to squash compiler warnings is time taken away from actually improving the code. Nevertheless, we have and continue to work very hard to get SQLite to compile warning-free on as many platforms as possible. You many continue to use SQLite 3.8.2 with confidence that the warnings you have reported are very likely all false positives. I have recently updated my desktop and now have a brand new Clang 3.4 installed, which will be used for the next release coming up in a few weeks. I'll try to eliminate as many of these false-positive warnings as I can prior to the 3.8.3 release. -- D. Richard Hipp [email protected] _______________________________________________ sqlite-users mailing list [email protected] http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
