First look at InferSharp: A C# version of Facebook’s Infer

https://fbinfer.com/

You might have heard about Infer which is a tool to detect bugs in Java and C/C++/Objective-C code before it ships. Infer belongs to Facebook and it is a static analysis tool to produce a list of potential bugs such as null pointer exceptions, resource leaks, annotation reachability, missing lock guards, and concurrency race conditions in Android and Java code.

InferSharp is the C#\.Net version of Infer.

What is InferSharp?

InferSharp brings the scalable, automated and interprocedural memory safety analytics of Infer to the .NET platform. As announced by Microsoft team, Infer# currently detects null dereferences and resource leaks, with race condition detection in development. 

To learn more about the technical implementation of Infer#, please see wiki.

As an example provided by Microsoft, if you have code something like below:

static void Main(string[]) args)
    {
        var returnNull = ReturnNull();
        _ = returnNull.Value;
    }

    private static NullObj ReturnNull()
    {
        return null;
    }

internal class NullObj
{
    internal string Value { get; set; }
}

 InferSharp will detect the null exception and will show it in the final detailed report, for example:

/Examples/NullDereference/Program.cs:11: error: NULL_DEREFERENCE (biabduction/Rearrange.ml:1622:55-62:)
  pointer 'returnNull' could be null and is dereferenced at line 11, column 13.

Just like null reference, InferSharp can also detect resource leak and safety violations.

Try InferSharp using Docker image

You might be interested to try InferSharp to see how it works by some examples. You may use docker image provided by Microsoft for this.

Pull the docker image using the command:

docker pull mcr.microsoft.com/infersharp:latest

It will start downloading the image:

Once the pulling is completed, start the docker container in interactive mode:

docker run -it mcr.microsoft.com/infersharp:latest

Once the container is running in interactive mode, run below command:

./run_infersharp.sh Examples

This will analyze the results and will show the report. You may export the report in a text file if needed:

Note that InferSharp is currently at very early stage and there are some limitations so check this out before using it for larger applications.

If you are interested to learn more about InferSharp then here is the GitHub link: https://github.com/microsoft/infersharp

One thought on “First look at InferSharp: A C# version of Facebook’s Infer

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s