-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Daniel Hulme skrev:
On Wed, Sep 09, 2009 at 05:54:13AM -0700, Vinnie wrote:
"Static analysis means analyzing code at or before compile-time to check for correctness. Static analysis consists mostly of making sure SQLite compiles without warnings, even when all warnings are enabled.
We cannot call to mind a single problem in SQLite that was detected by static analysis that was not first seen by one of the other testing methods described above.
It sounds like they're saying that no SQLite developer has ever made a change (even locally) that resulted in the code failing to compile. It sounds like they're saying the type-checker has never informed them of a bug in their code - I know C's type system is hardly worthy of the name, but still, these are pretty impressive claims. I don't think I can even claim to have worked on a project for a day without the compiler informing me of a problem in my code like the wrong number of *'s, assigning a value to a variable of the wrong type, forgetting the closing brace, or something similar; and I know I'm not a particularly error-prone programmer.
Actually, I believe they're claiming that they more heavily rely on a rather impressive unit- and regression testing scheme than on compiler warnings. No warning has ever informed them of a bug that their regression tests would not have caught. They then conclude that the compiler warnings may lead to lower quality code, which I have trouble believing. If rearranging or rewriting code to avoid a given compiler warning results in a bug then I suspect they have a design problem instead. YMMV. Just my chuck-in here. :-) /Brian -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkqqIRAACgkQk1tAOprY6QHlIACeMxqArA0DMeQn+S4LGjhM2eUj jo4AoK/m/fwb87AA9jW9wDHWkZbtKOS1 =GMgz -----END PGP SIGNATURE-----