Our website uses cookies to enhance your browsing experience.
Accept
to the top
>
>
>
Code review

Code review

Mar 06 2013

Code review is one of the oldest and most reliable methods of defect detection. It is based on the simple idea used in many other areas of human life: if a problem is being discussed and solved by several people, they will be able to work out a better solution and avoid many mistakes. When one is working alone, one may even not suspect he/she is making an obvious mistake or realizing something in a non-optimal way.

The code review method implies collaborative attentive reading of source code and suggesting recommendations on improving it. Errors or potentially incorrect code fragments are detected during the process of code review. It is also accepted that the author of the code shouldn't give any explanations on how a certain part of the program works. The execution algorithm should be clear directly from the program text and comments. If the code doesn't meet this condition, it should be revised.

Code review is usually an effective method, as programmers notice errors in another's code easier than in their own. Code review also fulfills an educational purpose: programmers participating in the review learn new programming methods, patterns and good coding styles. To learn more about the code review method see a wonderful book by Steve McConnell "Code Complete" [1]. The Wikipedia article might be of interest too: Code review [2].

The only yet great disadvantage of this method is its high cost. You need to gather several programmers regularly to review fresh code or re-review revised code. It distracts programmers from their own tasks and requires their focusing on the new work. At the same time, they need regular breaks. If you try to review large code fragments at once, your attention quickly weakens and the benefit of code review decreases as quickly. As a result, a great many man-hours are spent on code review.

A compromise solution that helps reduce the price of code analysis is using specialized software tools. These tools perform static code analysis and give recommendations to the programmer on which code fragments to consider. Since static analyzers don't possess AI, they perform analysis worse than a programmer. On the other hand, these tools work fast, don't get tired and can be used regularly. The static code analyzer PVS-Studio developed by our company is one of these programs. It has an especially useful mode of incremental analysis which is launched automatically after compiling modified files. Consequently, many bugs and misprints can be caught very early.

References

  • Steve McConnell, "Code Complete, 2nd Edition" Microsoft Press, Paperback, 2nd edition, Published June 2004, 914 pages, ISBN: 0-7356-1967-0.
  • Wikipedia. Code review. https://en.wikipedia.org/wiki/Code_review
Popular related articles


Comments (0)

Next comments next comments
close comment form
close form

Fill out the form in 2 simple steps below:

Your contact information:

Step 1
Congratulations! This is your promo code!

Desired license type:

Step 2
Team license
Enterprise license
** By clicking this button you agree to our Privacy Policy statement
close form
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
* By clicking this button you agree to our Privacy Policy statement

close form
Free PVS‑Studio license for Microsoft MVP specialists
* By clicking this button you agree to our Privacy Policy statement

close form
To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

close form
I am interested to try it on the platforms:
* By clicking this button you agree to our Privacy Policy statement

close form
check circle
Message submitted.

Your message has been sent. We will email you at


If you do not see the email in your inbox, please check if it is filtered to one of the following folders:

  • Promotion
  • Updates
  • Spam