CODE VERIFICATION ================= Reference: Software Testing in the Real World: Improving the Process by Kit GENERIC CODE VERIFICATION CHECKLIST I. Data Reference Errors A. Array, string 1. Is subscript within bounds? B. Storage attributes 1. Does the variable's value have a type or attribute different than expected by the compiler? C. Storage allocation 1. Is storage allocated for referenced pointers? II. Data Declaration Errors A. Variable and constant attributes 1. If a variable is initialized in a declaration, is it properly initialized and consistent with its storage type? B. Variable and constant usage 1. Are there variables with similar names? III. Computation Errors A. Data type discrepancies 1. Are there any mixed-mode computations? 2. Are there computations using variables of the same data type but different lengths? 3. Is the target variable of an assignment smaller than the right-hand expression? B. Arithmetic 1. Is overflow or underflow in an intermediate result possible? 2. Is it possible for the divisor to be zero? 3. Are there any consequences to the accuracy of the result given base-2 arithmetic? C. Design evaluation errors 1. Are the assumptions about the order of evaluation and precedence correct? IV. Control Flow Errors A. Entrance/exit conditions 1. Will the program, subroutine, loop eventually terminate (if it should)? 2. Is there a possibility of premature loop exit? 3. Is it possible for a loop to never execute? Is this an oversight? B. Iteration 1. Are there any "off by one" errors? V. Interface Errors A. Parameters and arguments 1. Do the number and type match? B. Evaluation 1. Does a subroutine alter a parameter that is intended to only be input? VI. Input/Output Errors A. Files 1. Have all files been opened before use? B. Errors 1. Are EOF or I/O error conditions detected and handled? 2. Are there grammatical errors in program output text? "C" CODE VERIFICATION CHECKLIST I. Functionality A. Is there code which should be in a separate function? B. Is the code consistent with performance requirements? C. Does the code match the detailed design? II. Data Usage A. Data and variables 1. Are all variable names in lower case? 2. Do all but the most obvious declarations have comments? B. Constants 1. Are all constant names in upper case? 2. Are constants defined with: #define 3. Are constants that are used in multiple files defined in INCLUDE files? C. Pointer typing 1. Are pointers declared and used as pointers, not as integers? III. Control A. Branching 1. Are goto and labels used only when absolutely necessary? 2. Is "while" used rather than "do-while"? IV. Linkage A. Includes 1. Are nested INCLUDE files avoided? V. Computation A. Lexical rules for operators 1. Do primary operators "->" "." "()" not have space around them? 2. Do assignment and conditional operators have a space around them? 3. Does "(" immediately follow the function name? VI. Clarity A. Comments 1. Is the unit header informative and complete? 2. Are there sufficient comments to understand the code? B. Layout 1. Are loops indented and separated from surrounding code? 2. Are the use of braces {} standardized for "if" and loops?