Code Review
-
Upload
rantav -
Category
Technology
-
view
4.030 -
download
0
description
Transcript of Code Review
Code Review
Tools and Process
@rantav
Formal Code Review Meetings
• A sit down meeting • Everyone looks at the code• Need to get prepared in advance• People bring up issues that need
to be fixed before you can go ahead with commit
Formal Code Review - The Pain
• Needs preparation• Time consuming• Hard to concentrate• No time to dig in and be
thorough• Difficult to schedule the right
ppl, especially at decentralized companies or projects
• Synergy - Yes• Cost effective - No• Fun - well...
Code Review in Apache
1.Every change has a jira issue2.A patch is uploaded3.A committer reviews and writes comments per the
patch4.When LGTM, the committer commits
Email Code Review
Offline Code Review Tools
• Jupiter - Eclipse prehistorical plugin• Mondrian - Google• Rietveld - Free and very limited Mondrian• ReviewBoard - The leading open source• Crubicle - from Atlassian ($$)• Code Collaborator - the leading $$ from SmartBear• Gerrit - git goodness
Mondrian
Rietveld
http://code.google.com/p/rietveld/
Code Collaborator
http://smartbear.com/codecollab.php
reviewboard
http://www.reviewboard.org/
Gerrithttp://code.google.com/p/gerrit/
Motivation
• Teach• Learn• Maintain coding conventions • Find defects early• Get more ppl familiar with the code (no job security)
Motivation - by the numbers
Average defect detection rate:25% for unit testing35% for functional testing45% for integration testing
Design and code reviews 55% at design review60% at code review
Motivation - by the numbers
Average defect detection rate:25% for unit testing35% for functional testing45% for integration testing
Design and code reviews 55% at design review60% at code review
When?
• Before commit?
• After commit?
• During commit (?)
Who?
• Manager• Tech lead• Architect• Peers
o Any peer from the teamo The one most likely to have
valuable input
Checklist (?)
• Does the code build correctly?• Does the code execute as expected?• Is all new code tested? Altered code tests up to date?• Is the code readable?• Do you understand the code you are reviewing?• Has the developer tested the code?• coding conventions?• Are all functions, methods and classes documented?• Are complex algorithms and code optimizations adequately commented?• Error Handling• Resource Leaks• Thread Safeness• Is the code free of unintended infinite loops?• Are function parameters explicitly verified in the code?• Pending/TODO• assertions• abnormal terminations• Database Transactions• Correct synchronization• no deadlocks/livelocks• Bug Fix Side Effects• All the occurrences of the bug are fixed
Different Techniques - recap
• email• jira patch process a la apache• over the shoulder• formal review at a meeting room• pasetbin• web tools - reviewboard and such• GitHub - fork-review-pull process
Tips for Effective Code Review
• Psychology - Let's face it, there's a lot of psychology in it, so play nice.
• Be professional, nothing is personal• Strive to understand, not criticize.• Get prepared
o understand the technology in useo know the coding conventionso read related code (classes/method
being used)• Read Slow• Short
What's Short?
• No more than 60 minutes• No more than 200 LOC (C code)
Challenges ( לא (למה
• Ego
• The Hassle
The Book
Related
• Pair Programming• Code Reading (Doug Crockford)• Static Analysis tools
Extra slides
Eye tracking01 void main(void){ 02 int i, num, isPrime = 0; 03 04 printf("Input Number:"); 05 scanf("%d", &num); 06 07 i = 2; 08 while(i < num){ 09 if(num%i == 0) 10 isPrime = 1; 11 i = i + 1; 12 } 13 14 if(isPrime == 1) 15 printf("%d is prime number.¥n", num); 16 else 17 printf("%d is NOT prime number.¥n", num); 18 }
Eye tracking (2)
Eye tracking (3)
=> Now there's a physiological reason to write short method.
=> People who spend more time on the first scan find more issues and find them faster
Defect density vs LOC
http://smartbear.com/white-paper.php?content=docs/articles/Case-Study.html
Conclusion: Don't review too much code at once (<200-400 LOC)
Defect density vs LOC/hour
Conclusion: Take your time (<500 LOC/hour)http://smartbear.com/white-paper.php?content=docs/articles/Case-Study.html
Author preperation
Conclusion: Author preparation results in more efficient reviewshttp://smartbear.com/white-paper.php?content=docs/articles/Case-Study.html