Bulletproofing C++ Code
Sergei Sokolov examines interesting techniques at Dr. Dobbs Journal, that improve the stability and reduce the risks of errors for C++ programming.
Here a short summary.
Step 1. Use Static Analyis
- Peer code reviews remain the best approach for finding code defects
- using a human brain to read and understand the code, looking for defects with a fresh eye
- about 60 percent of defects can be removed via code reviews
- automated static analysis effectively support this step
- two types of static analysis exists : pattern matching (based on coding practices or coding policy) and dataflow analysis
- Effective application of static analysis goes beyond buying the appropriate tools; it also requires the careful application and monitoring of processes
Step 2. Establish a Reliable Regression Base
- in average 25 percent of software defects are introduced while programmers are fixing and changing code during maintenance
- first create some regression tests before making any code changes
- There are two approaches to create such a regression test suite. Top-down by identifying the module-under-test’s high-level API and bottom-up by starting from the leaf-level functions and examine the internal paths.
- support this step by tools capable auto-generating API tests and test coverage.
- Once the test suite is in place, its execution must be automated so that it can be run on a regular and frequent basis
Step 3. Develop Unit and Regression Tests
- Once you begin writing code or fixing issues in existing code, there’s no excuse for neglecting to properly test the code you wrote
- If you have fixed a defect, tests have to be created to verify the fix
Step 4. Static Analysis and Code Review
- Once the new code passes all the checks, including a clean bill of health from static analysis and regression testing with sufficient coverage, it should be finalized by a team code review
Posted in Uncategorized