实验四 代码评审
实验四 代码评审
一、实验目的
1) 了解代码审查的含义;
2) 掌握相关编程规范检查工具的安装与使用;
二、实验内容及要求
Code Review中文应该译作“代码审查”或是“代码评审”或“代码复查”,是指通过阅读代码来检查源代码与编码标准的符合性以及代码质量的活动。Code Review主要用来在软件工程过程中改进代码质量,通过代码评审可以达到如下目的:
●在项目早期就能够发现代码中的BUG
●帮助初级开发人员学习高级开发人员的经验,达到知识共享
●避免开发人员犯一些很常见,很普通的错误
●保证项目组人员的良好沟通
●项目或产品的代码更容易维护
代码评审主要内容是编程规范,重构方法,架构设计,性能安全,日志,可读性,扩展性等问题。通过代码评审可查找和修复引入到开发阶段的应用程序的错误,提高软件的整体素质和开发者的技能。代码评审的作用和意义已在很多技术团队内达成共识,可是很多时候并未被有效执行,甚至被认为是一项费时费力的工作。借助一些工具可以更容易,更有效率地来进行Code Review。
1、以小组形式,针对前面“实验一”中所完成的代码,进行代码评审(走查),重点检查以下情况。你也可有查询相关材料,建立更细化的检查清单(check list)
- 程序是否能正常工作,代码是否实现预期的功能,逻辑是否正确。
- 代码是否遵循的编程规范
- 代码是否尽可能的模块化
- 所有的数据输入是否都进行了检查
- 是否有注释,并且描述了代码的意图
- 代码的可理解性和可测试性
2、按“实验二”的分组方式,两人一组,随机分配另一组的代码作为本组评审和分析的对象
一些编码规范的检查工具如下,也可自行查找工具使用。
三、实验过程
(1)配置代码审查工具。要求采用屏幕截图的方式配置的过程
首先是代码审查工具PC-lint CONFIG的下载(由于官方试用版本需企业邮箱,所以选择破解版本不附带地址)
运行pclint9setup.exe进行安装,仅展示主要步骤
首先对软件进行默认安装,安装完成后勾选进入配置-------->选择软件所安装的路径-------->选择所安装的编程开发环境-------->依据自己的开发环境及PC机的配置进行选择-------->选择软件进行检查时所依据的标准,一般选择MISRA 2004,这是目前高效编程中标准最好的
接下来是进行代码审查工具的系统环境的配置
进行运行环境的配置(选用的Visual C++ 6.0)
在工具中选择定制——》工具——》菜单内容进行添加pc-lint——》接着在命令中输入lint-nt.exe地址——》在变量中输入-i"E:/lint" -u std.lnt env-vc6.lnt "$(FileName)$(FileExt)"——》在初始目录输入$(FileDir)
在进行代码审查时先选择pc-lint即可进行分析
(2)使用工具对原始代码进行评审和分析,记录结果,期间不要有任何修改;
PC-lint for C/C++ (NT) Vers. 9.00a, Copyright Gimpel Software 1985-2008
--- Module: LifeGame.c (C)
CellsMap[i][j]=rand()%2; //细胞初始状态随机
LifeGame.c(18): error 662: (Warning -- Possible creation of out-of-bounds pointer (41 beyond end of data) by operator '[' [Reference: file LifeGame.c: lines 16, 17, 18])
LifeGame.c(16): error 831: (Info -- Reference cited in prior message)
LifeGame.c(17): error 831: (Info -- Reference cited in prior message)
LifeGame.c(18): error 831: (Info -- Reference cited in prior message)
CellsMap[i][j]=rand()%2; //细胞初始状态随机
LifeGame.c(18): error 661: (Warning -- Possible access of out-of-bounds pointer (41 beyond end of data) by operator '[' [Reference: file LifeGame.c: lines 16, 17, 18])
LifeGame.c(16): error 831: (Info -- Reference cited in prior message)
LifeGame.c(17): error 831: (Info -- Reference cited in prior message)
LifeGame.c(18): error 831: (Info -- Reference cited in prior message)
while(1)
LifeGame.c(24): error 716: (Info -- while(1) ... )
{ system("cls");
LifeGame.c(25): error 534: (Warning -- Ignoring return value of function 'system(const char *)' (compare with line 316, file E:\Microsoft Visual Studio\VC98\include\stdlib.h))
E:\Microsoft Visual Studio\VC98\include\stdlib.h(316): error 830: (Info -- Location cited in prior message)
s=CellsMap[i-1][j-1]+CellsMap[i-1][j]+CellsMap[i-1][j+1]+CellsMap[i][j-1]+CellsMap[i][j+1]+CellsMap[i+1][j-1]+CellsMap[i+1][j]+CellsMap[i+1][j+1];
LifeGame.c(38): error 679: (Warning -- Suspicious Truncation in arithmetic expression combining with pointer)
LifeGame.c(38): error 679: (Warning -- Suspicious Truncation in arithmetic expression combining with pointer)
LifeGame.c(38): error 679: (Warning -- Suspicious Truncation in arithmetic expression combining with pointer)
LifeGame.c(38): error 679: (Warning -- Suspicious Truncation in arithmetic expression combining with pointer)
LifeGame.c(38): error 679: (Warning -- Suspicious Truncation in arithmetic expression combining with pointer)
LifeGame.c(38): error 679: (Warning -- Suspicious Truncation in arithmetic expression combining with pointer)
LifeGame.c(38): error 661: (Warning -- Possible access of out-of-bounds pointer (1 beyond end of data) by operator '[' [Reference: file LifeGame.c: lines 35, 36, 38])
LifeGame.c(35): error 831: (Info -- Reference cited in prior message)
LifeGame.c(36): error 831: (Info -- Reference cited in prior message)
LifeGame.c(38): error 831: (Info -- Reference cited in prior message)
s=CellsMap[i-1][j-1]+CellsMap[i-1][j]+CellsMap[i-1][j+1]+CellsMap[i][j-1]+CellsMap[i][j+1]+CellsMap[i+1][j-1]+CellsMap[i+1][j]+CellsMap[i+1][j+1];
LifeGame.c(38): error 662: (Warning -- Possible creation of out-of-bounds pointer (39 beyond end of data) by operator '[' [Reference: file LifeGame.c: lines 35, 36, 38])
LifeGame.c(35): error 831: (Info -- Reference cited in prior message)
LifeGame.c(36): error 831: (Info -- Reference cited in prior message)
LifeGame.c(38): error 831: (Info -- Reference cited in prior message)
s=CellsMap[i-1][j-1]+CellsMap[i-1][j]+CellsMap[i-1][j+1]+CellsMap[i][j-1]+CellsMap[i][j+1]+CellsMap[i+1][j-1]+CellsMap[i+1][j]+CellsMap[i+1][j+1];
LifeGame.c(38): error 661: (Warning -- Possible access of out-of-bounds pointer (39 beyond end of data) by operator '[' [Reference: file LifeGame.c: lines 35, 36, 38])
LifeGame.c(35): error 831: (Info -- Reference cited in prior message)
LifeGame.c(36): error 831: (Info -- Reference cited in prior message)
LifeGame.c(38): error 831: (Info -- Reference cited in prior message)
s=CellsMap[i-1][j-1]+CellsMap[i-1][j]+CellsMap[i-1][j+1]+CellsMap[i][j-1]+CellsMap[i][j+1]+CellsMap[i+1][j-1]+CellsMap[i+1][j]+CellsMap[i+1][j+1];
LifeGame.c(38): error 662: (Warning -- Possible creation of out-of-bounds pointer (40 beyond end of data) by operator '[' [Reference: file LifeGame.c: lines 35, 36, 38])
LifeGame.c(35): error 831: (Info -- Reference cited in prior message)
LifeGame.c(36): error 831: (Info -- Reference cited in prior message)
LifeGame.c(38): error 831: (Info -- Reference cited in prior message)
s=CellsMap[i-1][j-1]+CellsMap[i-1][j]+CellsMap[i-1][j+1]+CellsMap[i][j-1]+CellsMap[i][j+1]+CellsMap[i+1][j-1]+CellsMap[i+1][j]+CellsMap[i+1][j+1];
LifeGame.c(38): error 661: (Warning -- Possible access of out-of-bounds pointer (40 beyond end of data) by operator '[' [Reference: file LifeGame.c: lines 35, 36, 38])
LifeGame.c(35): error 831: (Info -- Reference cited in prior message)
LifeGame.c(36): error 831: (Info -- Reference cited in prior message)
LifeGame.c(38): error 831: (Info -- Reference cited in prior message)
s=CellsMap[i-1][j-1]+CellsMap[i-1][j]+CellsMap[i-1][j+1]+CellsMap[i][j-1]+CellsMap[i][j+1]+CellsMap[i+1][j-1]+CellsMap[i+1][j]+CellsMap[i+1][j+1];
LifeGame.c(38): error 662: (Warning -- Possible creation of out-of-bounds pointer (41 beyond end of data) by operator '[' [Reference: file LifeGame.c: lines 35, 36, 38])
LifeGame.c(35): error 831: (Info -- Reference cited in prior message)
LifeGame.c(36): error 831: (Info -- Reference cited in prior message)
LifeGame.c(38): error 831: (Info -- Reference cited in prior message)
s=CellsMap[i-1][j-1]+CellsMap[i-1][j]+CellsMap[i-1][j+1]+CellsMap[i][j-1]+CellsMap[i][j+1]+CellsMap[i+1][j-1]+CellsMap[i+1][j]+CellsMap[i+1][j+1];
LifeGame.c(38): error 661: (Warning -- Possible access of out-of-bounds pointer (41 beyond end of data) by operator '[' [Reference: file LifeGame.c: lines 35, 36, 38])
LifeGame.c(35): error 831: (Info -- Reference cited in prior message)
LifeGame.c(36): error 831: (Info -- Reference cited in prior message)
LifeGame.c(38): error 831: (Info -- Reference cited in prior message)
else if(s==2) //周围有2个活细胞时,该细胞下一代状态不变
LifeGame.c(41): error 525: (Warning -- Negative indentation from line 39)
LifeGame.c(39): error 830: (Info -- Location cited in prior message)
system("color f0");
LifeGame.c(55): error 534: (Warning -- Ignoring return value of function 'system(const char *)' (compare with line 316, file E:\Microsoft Visual Studio\VC98\include\stdlib.h))
E:\Microsoft Visual Studio\VC98\include\stdlib.h(316): error 830: (Info -- Location cited in prior message)
--- Wrap-up for Module: LifeGame.c
LifeGame.c(59): error 766: (Info -- Header file 'E:\Microsoft Visual Studio\VC98\include\string.h' not used in module 'LifeGame.c')
--- Global Wrap-up
error 900: (Note -- Successful completion, 50 messages produced)
工具返回代码: 50
(3)对工具执行结果进行人工分析,结合检查清单和人工走查的出代码修改建议;
| 错误码 | 行数 | 错误原因 |
| 534 | 25、55 | 函数返回值被忽略 |
| 661 | 38 | 可能访问越界的指针 |
| 662 | 18、38 | 可能创建越界指针 |
| 831 | 16、17、18、35、36、38 | 先前消息中引用的引用 |
| 679 | 38 | 在算术表达式联合指针时可疑地切断 |
| 830 | 39 | 在以前的信息中位置引用 |
| 766 | 59 | 头文件FileName应该被去除包含 |
| 525 | 41 | 从当前位置消极缩排 |
| 716 | 24 | 发现while(1) ... |
经过分析发现代码中存在的问题5个属于告警、4个属于提示信息
对于代码可能访问越界可以查看地址值,对于用变量作为参数访问元素时,需要控制好变量范围。如果变量值由外部因素决定,那么访问前先对合道法性做判断,防止越界
对于消极缩进要进行统一正确缩进
返回值忽略是由于函数的使用后的返回值未使用,可以进行函数的更换或者调试
在算术表达式联合指针时可疑地切断可能是由于前面的越界问题引起
(4)通过github issues向项目维护者提交问题(issue),注意一个issue 只报告一个问题,多个问题需放在多个issue中,以便跟踪。
(5)记录总结实验过程中遇到的问题和解决过程
1、本次实验需要审查的代码为C语言编写,从网上查找pc-lint可以进行审查,但是官网下载需要企业邮箱进行免费试用(本人没有),只能找破解版资源
2、由于我的VC++ 6.0有点不兼容所以进行安装pc-lint时进行了多次安装后成功
3、进行查找代码审查的软件时发现大部分的软件都是审查C++、python、Java等,C语言的非常少(都说C语言的人工审查是王道)
4、pc-lint不熟悉又找到相关的安装教程和错误大全进行查看
