The PVS-Studio team started adding new diagnostic rules that detect errors typical for Unreal Engine projects. However, we need some help from the game development community. Please share your thoughts on the typical error patterns you would like us to automate the search for.
The PVS-Studio analyzer is good at detecting common patterns of typos, logical errors, potential vulnerabilities, and much more. Now the PVS-Studio development teams focus on Unreal Engine.
We started implementing diagnostic rules that find bugs specific to projects built on this game engine.
The first example. We introduced the diagnostic rule that analyzes classes that do not inherit from the UObject type. If such a class has a non-static data member as a pointer to a type that inherits from UObject, then it is not correct.
class SomeClass
{
....
UObject *m_ptr;
....
};
The Unreal Engine garbage collector can destroy an object addressed by the m_ptr pointer. Read more about this diagnostic rule: V1100.
The second example. This diagnostic rule identifies declarations that do not comply with naming conventions for Unreal Engine projects. The compliance with the conventions is required for the correct operation of the Unreal Header Tool.
We are just getting started. We will collect error patterns similar to the ones above and implement their detection in the analyzer. The thing is, without the help of the GameDev community, our work will take ages. Since we don't develop games ourselves, the pattern collection will be random at first.
We easily get inspired to make general diagnostic rules. Why is this not the case with Unreal Engine?
There are many articles and books on common errors. These errors are easy to collect. We also get a lot of ideas from our user support work.
This can also be the case for the UE-oriented diagnostic rules. Users will find bugs and suggest ideas on what else to look for. To start the process, all we have to do is nudge it. That's why this note came about.
Leave comments with your ideas on what bugs we should be looking for!
I invite you to think about what bugs you regularly find during code review, even though they can be detected automatically, and write about them in the comments. In fact, static analysis is a kind of automated code review.
We are looking forward to hearing your interesting ideas. Thank you!