Zipvfs

Coding Style
Login

Coding Style

General points::

  1. No line of code exceeds 80 characters in length.
  1. There are no tab characters.
  1. 2-space indentation is used.
  1. Comments contain no spelling or grammatical errors. (Abbreviations and sentence fragments are acceptable when trying to fit a comment on a single line as long as the meaning is clear.)
  1. The tone of comments is professional and courteous. Comments contain no profanity, obscenity, or inuendo.
  1. All C-code conforms to ANSI C-89.

C preprocessor macros:

  1. The purpose of every preprocessor macros is clearly explained in a comment associated with its definition.
  1. Every preprocessor macro is used at least once.
  1. The names of preprocessor macros clearly reflect their use.
  1. Assumptions about the relative values of related macros are verified by asserts. Example: assert(READ_LOCK+1==WRITE_LOCK);

Function header comments:

  1. Every function has a header comment describing the purpose and use of the function.
  1. Function header comment defines the behavior of the function in sufficient detail to allow the function to be reimplemented from scratch without reference to the original code.
  1. Functions that perform dynamic memory allocation (either directly or indirectly via subfunctions) say so in their header comments. The memory pool used for dynamic memory allocation is clearly stated.
  1. The behavior of functions in an OOM situation is clearly stated in the header comment.
  1. The behavior of functions during an I/O error is clearly stated in the header comment.
  1. The behavior of functions when faced with a corrupt database file is clearly stated in the header comment.
  1. The behavior of the function during all other exception conditions (conditions other than OOM, I/O error, or corruption) is clearly stated.

Function bodies:

  1. The name of a function clearly reflects its purpose.
  2. Exception conditions do not cause memory or other resource leaks.
  3. Exception conditions leave the system in a consistent and well-defined state.
  4. The maximum size of a memory allocation is proportional to the the uncompressed database page size.
  5. Automatic variables are small, not large objects or arrays. Avoid excessive stack usage.
  6. The check-list items for functions also apply to major subsections within a function.
  7. Bounded recursion
  8. All code subblocks are enclosed in {...}.
  9. assert() macros are used as follows :
    1. Function preconditions are clearly stated and verified by asserts.
    2. Assumptions about which thread locks are held are explicitly stated and tested by asserts.
    3. Invariants are identified by asserts.
  10. testcase() macros are used as follows:
    1. Sufficient testcase() macros and/or code paths exist to verify that all OOM scenarios have been tested.
    2. Sufficient testcase() macros and/or code paths exist to verify that all I/O error scenarios have been tested.
    3. Sufficient testcase() macros and/or code paths exist to verify that all corrupt database file scenarios have been tested.
    4. Sufficient testcase() macros and/or code paths exist to verify that all exception conditions have been tested.
    5. Sufficient testcase() macros and/or code paths exist to verify that all boundary conditions have been tested.
    6. Testcase() macros exist to prove that all cases of a switch statement are tested.
    7. Testcase() macros exist to prove that all cases of bit-wise conditional are tested.

Class (struct) declarations:

  1. The purpose and use of every class (a.k.a. structure) is clearly defined in the header comment of its declaration.
  1. The purpose and use of every class member is clearly defined either in the header comment of the class declaration or when the member is declared or both.
  1. The names of class members clearly reflect their use.
  1. Members use the smallest practical datatype.
  1. Members are arranged within a class to make the class as small as practical.
  1. Every member of internal classes is constructively used. (In other words, we have removed class members that have fallen out of use.)
  1. Invariants for classes are clearly defined.
  1. Functions exist within #ifndef NDEBUG which test class invariants and these functions are called from within asserts at appropriate places.

Variables and class instances:

  1. The purpose and use of every variable is defined by a comment at the variable definition.
  1. The names of variables clearly reflect their use.
  1. Related variables have related names. (ex: aSavepoint and nSavepoint.)
  1. Variables have minimum practical scope.
  1. Automatic variables are small, not large objects or arrays.
  1. Constants are "const".
  1. Invariants on variables or groups of variables are defined and tested by asserts.
  1. Sufficient testcase() macros and/or code paths exist to verify that every variable is exercised through the full range of its possible values.
  1. When a variable that refers to the same value is used within multiple scopes, the same name is used in all cases.
  1. When variables refer to different values, different names are used even when the names are in different scopes.
  1. Variable names with wide scope are sufficiently distinctive to allow searching for them using grep.