On Wed, 6 Nov 2019 at 22:21, Richard Hipp <d...@sqlite.org> wrote: > On 11/6/19, Raitses, Alex <alex.rait...@intel.com> wrote: > > Hello, > > Please find attached Klocwork static analysis report for “C source code > as > > an amalgamation”, version 3.30.1 (sqlite3.c). > > Can you please review the report attached and update which bugs can be > > fixed. > > > > (1) This mailing list strips attachments. > > (2) Klocworks does not find "bugs". Rather, it finds warnings. The > overwhelming majority of warnings found by klocworks are > false-positives. I do not recall an occasion where klockworks found > an actual bug in SQLite. Mostly, klocworks warning list are just a > distraction for the developers that take their time away from finding > real bugs. Please ignore klocworks, at it is not a useful tool for > finding errors in SQLite.
Having done a triage of Klocwork issues on an earlier amalgamation (to assuage organisational worry about open source), by far the majority were null pointer warnings on code paths that could never be null. It did not inspire confidence. Regards, Donald Shepherd. _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
