Game engine code quality - is everything really that bad

Transcript

1. Game Engine Code Quality: Is Everything Really That Bad? George

   Gribkov pvs-studio.com

2. Unreal Engine 4 2

3. Unreal Engine 4 3

4. Assassins Creed: Unity 4

5. The Witcher 3: Wild Hunt 5

6. The Sims 6

7. BUGS EVERYWHERE 7

8. ▪ Educate developers about common bugs ▪ Use tools to

   look for bugs automatically How to Avoid Bugs? 8

9. ▪ Show typical error patterns ▪ Show how to use

   static code analysis correctly This Talk Aims To: 9

10. What Errors in Game Engines Look Like 10

11. Copy-Pasting and the Last Line Effect 11

12. Unreal Engine 4 (C++) 12

13. PVS-Studio warns: V501 There are identical sub-expressions 'Position.Y >= Control.Center.Y

    — BoxSize.Y * 0.5f' to the left and to the right of the '&&' operator. Unreal Engine 4 (C++) 13

14. Using an Invalid Address 14

15. Amazon Lumberyard (C++) 15

16. PVS-Studio warns: V557 CWE-119 Array overrun is possible. The 'id'

    index is pointing beyond array bound. Amazon Lumberyard (C++) 16

17. Unreal Engine 4 17

18. Unreal Engine 4 18 PVS-Studio warns: V522 Dereferencing of the

    null pointer 'LevelStreamingObject' might take place.

19. Evil Thrives in Conditional Expressions 19

20. Unity (C#) 20

21. PVS-Studio warns: V3063 A part of conditional expression is always

    true if it is evaluated: pageSize <= 1000. Unity (C#) 21

22. Bullet – Red Dead Redemption’s Engine (C++) 22

23. PVS-Studio warns: V709 Suspicious comparison found: 'f0 == f1 ==

    m_fractureBodies.size()’. Remember that 'a == b == c’ is not equal to 'a == b && b == c'. Bullet –Red Dead Redemption’s Engine (C++) 23

24. Operator Precedence 24

25. CryEngine (C++) 25

26. PVS-Studio warns: V502 Perhaps the '?:' operator works in a

    different way than it was expected. The '?:' operator has a lower priority than the '+' operator. CryEngine (C++) 26

27. Amazon Lumberyard (C++) 27

28. PVS-Studio warns: V502 Perhaps the '?:' operator works in a

    different way than it was expected. The '?:' operator has a lower priority than the '-' operator. Amazon Lumberyard (C++) 28

29. And Oh-So Many Elusive Typos… 29

30. CryEngine V (C++) 30

31. PVS-Studio warns: V529 Odd semicolon ';' after 'for' operator. CryEngine

    V (C++) 31

32. Amazon Lumberyard 32

33. PVS-Studio warns: V549 CWE-688 The first argument of 'memcmp' function

    is equal to the second argument. Amazon Lumberyard 33

34. And Here’s What We Get 34

35. 35

36. What to Do 36

37. Do Trust the Engines 37 ▪ All these errors are

    already fixed ▪ Developers actively work on preventing new ones

38. ▪ Unit tests ▪ Code review ▪ Functional, regression testing

    ▪ Dynamic analysis ▪ Static analysis Fight Bugs 38

39. Static analysis – is an automatic code review procedure. What

    Is Static Analysis? 39

40. What Is Static Analysis? 40

41. Static Analysis Advantages 41

42. ▪id Software ▪Wargaming ▪Epic Games ▪Playrix ▪Warner Brothers Who Uses

    Static Analysis… 42 ▪Oculus ▪Codemasters ▪Rocksteady ▪ZeniMax Media ▪And others…

43. Modern Static Analyzers 43 • PVS-Studio • ReSharper • Coverity

    • SonarQube • Klocwork • Clang Static Analyzer • IntelliJ IDEA • ... • A details list of static analyzers:

44. Analysis: How and Where 44

45. ▪ Locally on developers’ computers (plugins for IDE, compilation monitoring

    systems) Analysis: How and Where 45

46. ▪ In continuous integration systems (command-line tools, plugins for CI

    systems, monitoring systems) Analysis: How and Where 46

47. A Typical Scenario 47

48. ▪ Errors are fixed the moment they appear ▪ Many

    errors are fixed before testing and do not get to that stage ▪ Those that made it are detected at night ▪ The cost to fix bugs is almost zero Recap 48

49. Static Analysis Advantages 49

50. ▪ Of course! Static analysis does not find all bugs

    ▪ Static analysis – is an answer to the "how else can I improve code quality?" question ▪ An example of a great combination: static + dynamic analysis Should You Use Other Approaches? 50

51. Conclusion 51

52. ▪ Everyone makes mistakes. Even experts. ▪ This is normal,

    you can use special tools to fix them. Conclusion 52

53. Typical error patterns: ▪ Copy-pasting and the last line effect

    ▪ Using an incorrect address ▪ Errors in conditional operators ▪ Operation precedence issues ▪ Elusive typos Conclusion 53

54. ▪ You can save a lot of resources, if you

    set up continuous static analysis Conclusion 54

55. Q&A George Gribkov pvs-studio.com