Why Do You Need Static Analysis? Detect errors early in the program development process. Get recommendations on code formatting. Check your spelling. Calculate various software metrics.
6. What Is Static Analysis?
Static analysis is a way to check a program’s code without executing the
program.
6
7. Why Do You Need Static Analysis?
• Detect errors early in the program development process.
• Get recommendations on code formatting.
• Check your spelling.
• Calculate various software metrics
7
9. Why Do You Need Static Analysis?
• Detect errors early in the program development process.
• Get recommendations on code formatting.
• Check your spelling.
• Calculate various software metrics
9
13. Static Analysis Advantages
13
Mono
V3012 The '?:' operator, regardless of its conditional expression, always
returns one and the same value: Color.FromArgb (150, 179, 225).
ProfessionalColorTable.cs 258
14. Static Analysis Disadvantages
• Unavoidable false positives
• Static analysis is usually not as good at detecting
memory leaks and parallel errors
14
16. Static Analyzers Are Not Isolated Tools and Rare
Checks – They Are a Part of DevOps
16
Написание кода Компиляция Unit тесты
Интеграционные
тесты
Развёртывание
Планирование
Commit кода
17. Static Analyzers Are Not Isolated Tools and Rare
Checks – They Are a Part of DevOps
17
Написание кода Компиляция
Полный статический
анализ на билд
сервере
Unit тесты
Интеграционные
тесты
Развёртывание
Планирование
Commit кода
18. Static Analyzers Are Not Isolated Tools and Rare
Checks – They Are a Part of DevOps
18
19. Static Analyzers Are Not Isolated Tools and Rare
Checks – They Are a Part of DevOps
Написание кода Компиляция
Полный статический
анализ на билд
сервере
Unit тесты
Интеграционные
тесты
Развёртывание
Планирование
Инкрементальный
статический анализ
на машине
разработчика
Commit кода
19
20. Incremental Analysis
• A decrease in analysis time, because only fixed or new code is
processed.
• Works well for early error detection.
20
21. Ways to Use Static Analysis in a UE Project
• Tracking compiler runs.
• Direct integration with the build system.
21
26. Direct Integration into Build System and VS
• Run analysis directly from the Visual Studio IDE.
• Run the analysis automatically when building a UE project.
• Run incremental analysis.
26
29. Particularities of Building a UE Project
• Instead of Visual Studio’s standard build system, the UnrealBuildTool
(UBT) is used.
• Project files have the .uproject extension.
29
31. What’s the Problem?
• The project file may not contain paths to source files that need to be
checked.
• Not all compilation options required for correct preprocessing are
present.
31
32. What’s the Solution?
• Write your own toolchain for the build system, so as to embed the
static analyzer launch into UBT.
• Pass a parameter to the UBT build system. That parameter would
demonstrate the need for analysis.
32
34. Some of the Current toolchain’s Limitations
• Only builds a project or only analyzes the project.
• No .cpp file analysis, if an included .h file has been changed.
34
35. The Project Analysis After Its Build
• Modifying the Build.bat and Rebuild.bat scripts.
35
47. The Analyzer’s Warning About a Sneaky Error
PVS-Studio warns: V564 The '&' operator is applied to bool type value.
You've probably forgotten to include parentheses or intended to use the
'&&' operator. particlemodules_location.cpp 2120
47