Infer powering Microsoft’s Infer#, a new static analyzer for C#

What it is: Infer# brings the Infer static analysis platform to developers who use Microsoft’s C# programming language. It can already detect null-pointer dereference and resource leak bugs, thanks…

Jules Villard
2 min readbeginner
--
View Original

Overview

Infer# is a new static analyzer for C# that extends the Infer static analysis platform, enabling developers to detect bugs such as null-pointer dereferences and resource leaks. It introduces a new language front end for C# and a language-independent JSON layer for representing its intermediate language, SIL.

What You'll Learn

1

How to use Infer# to detect null-pointer dereferences in C# code

2

Why Infer# is effective for finding inter-procedural bugs in C# applications

3

When to implement static analysis in the software development lifecycle

Prerequisites & Requirements

  • Understanding of static analysis concepts
  • Familiarity with C# and .NET development environment

Key Questions Answered

What types of bugs can Infer# detect in C# applications?
Infer# can detect various bugs in C# applications, including null-pointer dereferences, resource leaks, and is working on detecting race conditions. This makes it a powerful tool for identifying inter-procedural bugs that other static analyzers may miss.
How does Infer# improve static analysis for C# developers?
Infer# enhances static analysis for C# developers by providing a new front end that translates .NET bytecode into Infer's intermediate language, SIL. This allows for the reuse of existing Infer analyses with minimal adaptation, making it easier to integrate into C# projects.
What is the significance of the new JSON layer in Infer#?
The new language-independent JSON layer in Infer# represents SIL, which opens up possibilities for creating additional Infer front ends for other programming languages. This enhances the flexibility and scalability of the Infer static analysis platform.
When was Infer# first presented to the public?
Infer# was first presented at the Infer Practitioners workshop, which was colocated with PLDI 2020. This event highlighted its capabilities and the advancements it brings to static analysis for C#.

Technologies & Tools

Some links below are affiliate links. We may earn a commission if you make a purchase.

Key Actionable Insights

1
Integrating Infer# into your C# development process can significantly reduce the occurrence of critical bugs such as null-pointer dereferences and resource leaks.
By using Infer# early in the development lifecycle, teams can catch these issues before they reach production, thereby improving software reliability and reducing debugging time.
2
Utilizing the new JSON layer in Infer# allows for easier adaptation of static analysis techniques across different programming languages.
This means that as your team expands into other languages, the knowledge and tools developed for C# can be leveraged, enhancing overall productivity and code quality.
3
Understanding the limitations of existing static analyzers can help teams appreciate the unique capabilities of Infer#.
Many open-source static analyzers for C# do not effectively find inter-procedural bugs, making Infer# a valuable addition for teams focused on robust software development.

Common Pitfalls

1
Relying solely on traditional static analyzers may lead to missing critical inter-procedural bugs in C# applications.
This happens because many existing tools do not effectively analyze the interactions between different parts of the code, which is where Infer# excels.