(I have decided that I'm not not keen on the way Community Wiki only shows the person who last edited an entry. It would be good if the original author got credit as on a regular question, even if there is no reputation tied to it.)
I've read a good bit more of the book now. I like the two review chapters, one looking at a number of studies of code review and the other a more detailed one looking at the use of the Smart Bear tool at Cisco. The study on eye movement on trivial (20-line) program snippets was interesting.
There are some interesting bits of information lurking:
- The preparation work for a formal review is usually as useful as the formal review.
- The informal reviews (roughly) remove the formal review but keep the preparations.
- The number of bugs found drops off dramatically after about 60 minutes, and levels off to zero found per hour after about 90 minutes.
- The number of bugs found diminishes as the amount of code to be reviewed increases above 200 lines.
The bit that concerns me is the 200 lines part. How are the lines measured? Much of the code I work on has files that are multiple thousands of lines long (20,000 in at least one case - and that is not a generated file). If I need a code review of 20 lines edited in scattered places in the code, is it a 20-line review or a 2000-line review concentrating on 20 lines? I suspect it is more nearly the latter - or should be. To the extent that we treat it as a 20-line review, we are missing context.
(I'd be the first to accept that the code should be improved - I'm still struggling to get people to change the function definitions from K&R to prototype notation. That's the problem with 20-year old code. It is almost enough to make one despair.)