Static Code Analysis for Projects, Built on Unreal Engine

Static Code Analysis for Projects,
Built on Unreal Engine
Ilya Gainulin
PVS-Studio
gainulin@viva64.com

I Am Looking for Errors in Your Code
2

Results of Incorrect Type Casing
in the ShareX Project
3

Results of Incorrect Type Casing
in the ShareX Project
Incorrect code:
float pixelWeight = color.Alpha / 255;
Fixed code:
float pixelWeight = (float)color.Alpha / 255;
4
type Byte

Collaboration with Epic Games
5

What Is Static Analysis?
Static analysis is a way to check a program’s code without executing the
program.
6

Why Do You Need Static Analysis?
• Detect errors early in the program development process.
• Get recommendations on code formatting.
• Check your spelling.
• Calculate various software metrics
7

Cost to Fix a Bug
Fix earlier,
save money!
8

Why Do You Need Static Analysis?
• Detect errors early in the program development process.
• Get recommendations on code formatting.
• Check your spelling.
• Calculate various software metrics
9

Static Analysis Advantages?
• Detecting potential problems in code early
• Full code coverage
• Easy to use
10

Static Analysis Advantages
13
Mono
V3012 The '?:' operator, regardless of its conditional expression, always
returns one and the same value: Color.FromArgb (150, 179, 225).
ProfessionalColorTable.cs 258

Static Analysis Disadvantages
• Unavoidable false positives
• Static analysis is usually not as good at detecting
memory leaks and parallel errors
14

Static Analysis Disadvantages
void OutstandingIssue(const char *strCount)
{
unsigned nCount;
sscanf_s(strCount, "%u", &nCount);
int array[10];
memset(array, 0, nCount * sizeof(int));
}
15

Static Analyzers Are Not Isolated Tools and Rare
Checks – They Are a Part of DevOps
16
Написание кода Компиляция Unit тесты
Интеграционные
тесты
Развёртывание
Планирование
Commit кода

17
Написание кода Компиляция
Полный статический
анализ на билд
сервере
Unit тесты
тесты
Commit кода

18

Написание кода Компиляция
Полный статический
анализ на билд
сервере
Unit тесты
тесты
Инкрементальный
статический анализ
на машине
разработчика
Commit кода
19

Incremental Analysis
• A decrease in analysis time, because only fixed or new code is
processed.
• Works well for early error detection.
20

Ways to Use Static Analysis in a UE Project
• Tracking compiler runs.
• Direct integration with the build system.
21

22
Invoking CL.exe
compiler
MSBuild
Unreal Build
Tool
Building Unreal Engine
projects
Build finished
Gathering
information
The Simplest Way to Check a UE Project: Catch All Compiler Calls

Tracking Compiler Runs from a GUI Application
23

24

25

Direct Integration into Build System and VS
• Run analysis directly from the Visual Studio IDE.
• Run the analysis automatically when building a UE project.
• Run incremental analysis.
26

Common assembly scenario of a C++ project in VS
27

Common assembly scenario of a C++ project in VS
28

Particularities of Building a UE Project
• Instead of Visual Studio’s standard build system, the UnrealBuildTool
(UBT) is used.
• Project files have the .uproject extension.
29

Particularities of Building a UE Project
30

What’s the Problem?
• The project file may not contain paths to source files that need to be
checked.
• Not all compilation options required for correct preprocessing are
present.
31

What’s the Solution?
• Write your own toolchain for the build system, so as to embed the
static analyzer launch into UBT.
• Pass a parameter to the UBT build system. That parameter would
demonstrate the need for analysis.
32

Some of the Current toolchain’s Limitations
• Only builds a project or only analyzes the project.
• No .cpp file analysis, if an included .h file has been changed.
34

The Project Analysis After Its Build
• Modifying the Build.bat and Rebuild.bat scripts.
35

36

37

The .cpp File Analysis in Scenarios with the
Connected Modified .h File
• Remove and restore the cache file UBT uses.
38

The .cpp File Analysis in Scenarios with the
Connected Modified .h File
39

Errors in Unreal Engine Code
static bool PositionIsInside(....)
{
return
Position.X >= Control.Center.X - BoxSize.X * 0.5f &&
Position.X <= Control.Center.X + BoxSize.X * 0.5f &&
Position.Y >= Control.Center.Y - BoxSize.Y * 0.5f &&
Position.Y >= Control.Center.Y - BoxSize.Y * 0.5f;
}
40

{
return
}
PVS-Studio warns: V501 There are identical sub-expressions 'Position.Y >=
Control.Center.Y — BoxSize.Y * 0.5f' to the left and to the right of the '&&'
operator. svirtualjoystick.cpp 97
41

{
return
Position.Y <= Control.Center.Y + BoxSize.Y * 0.5f;
}
PVS-Studio warns: V501 There are identical sub-expressions 'Position.Y >=
Control.Center.Y — BoxSize.Y * 0.5f' to the left and to the right of the '&&'
operator. svirtualjoystick.cpp 97
42

enum ECubeFace;
ECubeFace CubeFace;
friend FArchive& operator<<(FArchive& Ar, FResolveParams&
ResolveParams)
{
....
if(Ar.IsLoading())
{
ResolveParams.CubeFace = (ECubeFace)ResolveParams.CubeFace;
}
....
}
43

enum ECubeFace;
ECubeFace CubeFace;
friend FArchive& operator<<(FArchive& Ar, FResolveParams&
ResolveParams)
{
....
if(Ar.IsLoading())
{
ResolveParams.CubeFace = (ECubeFace)ResolveParams.CubeFace;
}
....
}
PVS-Studio warns: V570 The 'ResolveParams.CubeFace' variable is assigned to itself.
rhi.h 1279
44

bool VertInfluencedByActiveBone(
FParticleEmitterInstance* Owner, USkeletalMeshComponent* InSkelMeshComponent,
int32 InVertexIndex, int32* OutBoneIndex = NULL);
void UParticleModuleLocationSkelVertSurface::Spawn(....)
{
int32 BoneIndex1, BoneIndex2, BoneIndex3;
BoneIndex1 = BoneIndex2 = BoneIndex3 = INDEX_NONE;
if(!VertInfluencedByActiveBone(
Owner, SourceComponent, VertIndex[0], &BoneIndex1) &&
!VertInfluencedByActiveBone(
Owner, SourceComponent, VertIndex[2]) &BoneIndex3)
{
....
}
45

bool VertInfluencedByActiveBone(
FParticleEmitterInstance* Owner, USkeletalMeshComponent* InSkelMeshComponent,
int32 InVertexIndex, int32* OutBoneIndex = NULL);
void UParticleModuleLocationSkelVertSurface::Spawn(....)
{
int32 BoneIndex1, BoneIndex2, BoneIndex3;
BoneIndex1 = BoneIndex2 = BoneIndex3 = INDEX_NONE;
if(!VertInfluencedByActiveBone(
Owner, SourceComponent, VertIndex[2]) &BoneIndex3)
{
....
}
46

The Analyzer’s Warning About a Sneaky Error
PVS-Studio warns: V564 The '&' operator is applied to bool type value.
You've probably forgotten to include parentheses or intended to use the
'&&' operator. particlemodules_location.cpp 2120
47

void GetRenderData(....)
{
....
FT_Bitmap* Bitmap = nullptr;
if( Slot->bitmap.pixel_mode == FT_PIXEL_MODE_MONO )
{
FT_Bitmap NewBitmap;
....
Bitmap = &NewBitmap;
}
....
OutRenderData.RawPixels.AddUninitialized(
Bitmap->rows * Bitmap->width );
....
}
48

void GetRenderData(....)
{
....
FT_Bitmap* Bitmap = nullptr;
if( Slot->bitmap.pixel_mode == FT_PIXEL_MODE_MONO )
{
FT_Bitmap NewBitmap;
....
Bitmap = &NewBitmap;
}
....
OutRenderData.RawPixels.AddUninitialized(
Bitmap->rows * Bitmap->width );
....
}
49
PVS-Studio: V506 Pointer to local variable
'NewBitmap' is stored outside the scope of this
variable. Such a pointer will become invalid.
fontcache.cpp 466

void UGameplayStatics::DeactivateReverbEffect(....)
{
if (GEngine || !GEngine->UseSound())
{
return;
}
UWorld* ThisWorld = GEngine->GetWorldFromContextObject(....);
....
}
50

{
{
return;
}
....
}
PVS-Studio: V522 Dereferencing of the null pointer 'GEngine' might take place. Check the
logical condition. gameplaystatics.cpp 988
51

{
if (GEngine == nullptr || !GEngine->UseSound())
{
return;
}
....
}
PVS-Studio: V522 Dereferencing of the null pointer 'GEngine' might take place. Check the
logical condition. gameplaystatics.cpp 988
52

template< typename DefinitionType >
FORCENOINLINE void Set(....)
{
....
if ( DefinitionPtr == NULL )
{
WidgetStyleValues.Add( PropertyName,
MakeShareable( new DefinitionType( InStyleDefintion ) ) );
}
else
{
}
}
53

template< typename DefinitionType >
FORCENOINLINE void Set(....)
{
....
if ( DefinitionPtr == NULL )
{
}
else
{
}
}
54
PVS-Studio: V523 The 'then' statement is
equivalent to the 'else' statement. paths.cpp
703

Conclusion
• Static analysis of UE projects is not too complicated.
• Combine static analysis with other testing methods.
55

Thank You for Your Attention
56

Static Code Analysis for Projects, Built on Unreal Engine

More Related Content

What's hot (20)

Similar to Static Code Analysis for Projects, Built on Unreal Engine (20)

More from Andrey Karpov (20)

Recently uploaded (20)

Static Code Analysis for Projects, Built on Unreal Engine