Java Static Code analysis tool infer

Java Static Code analysis tool infer

CHSZS, reprint need to indicate. Blog home: Http://blog.csdn.net/chszs

I. Introduction of Infer

Infer is Facebook's latest open source static program analysis tool for analyzing code before publishing a mobile app to identify potential problems. Facebook now uses this tool to analyze Facebook's apps, including Android, IOS, Facebook Messenger, and Instagram.

Facebook says the tool helps it check out hundreds of potential bugs each month, such as some null pointer access, resources, and memory leaks. Infer supports Android's C and objective-c code for Java and iOS.

Infer on GitHub's homepage: https://github.com/facebook/infer

Second, infer use 1, top-level command

1. Infer
   The primary command to run the infer. It's actually a Python script.
2. Infertest
   The shell script that runs the infer test. It uses buck to run the test.
   Usage: infertest {c, OBJC, Java}
3. Infertracebugs
   is a python script for traffic errors and tracking errors in the infer test report.

2. Auxiliary commands

Inferjava: Binary program with Java frontend
Inferclang: Binary program with clang front end
Inferanalyze: Binary program with infer back end (performing analysis)
Inferprint: Binary program that outputs analysis results (such as a list of bugs found)
INFERJ: command to run Java file analysis
Buckanalyze: Run Analysis command for a Java project that is compiled with Buck
Other scripts for the Inferlib.py:Python library
Other scripts for the Utils.py:Python library
Other scripts for the Jwlib.py:Python library

Third, the installation of infer

The official provides precompiled infer tools, but only supports Linux and MacOS two platforms. If you prefer to use infer, you can download it directly.
Otherwise, you need to download the source code, compile yourself.

1. Download infer

You can download infer from the git repository command:

git clone https://github.com/facebook/infer.git

Note: If you want to analyze C and objective-c,infer, you also need clang and Facebook-clang-plugin plug-ins.
Facebook-clang-plugin plug-in See: Https://github.com/facebook/facebook-clang-plugins
If you only want to analyze the Java/android code, you do not need the above dependent libraries.

2. Installation of infer in Linux

Prerequisites: Python version 2.7 or higher is required

Installation Instructions:
(The following installation procedures are validated in the Debian 7, Ubuntu 14.04, and Ubuntu 12.04.4 LTS Systems)

1. Installing OCaml Dependencies

# sudo apt-get update# sudo apt-get upgrade# sudo apt-get install git openjdk-7-jdk m4 zlib1g-dev python-software-properties build-essential libgmp-dev libmpfr-dev libmpc-dev unzip# wget https://github.com/ocaml/opam/releases/download/1.2.2/opam-1.2.2-x86_64-Linux -O opam# chmod +x opam# ./opam init --comp=4.01.0     # 然后在最后一个问题处按下“y”# eval `./opam config env`# ./opam install sawja.1.5 atdgen.1.5.0 javalib.2.3 extlib.1.5.4    # 然后在问题处按下“y”

2. If you need to support static analysis of C and Objective-c code, continue with the following instructions:

# cd infer# make -C  infer java# export PATH=`pwd`/infer/bin:$PATH

Note: Java 8 is not supported

3. If you need to support both Java code and C and Objective-c code, do not perform step 2nd above and perform step 3rd here instead.

Assuming and installing the 4.7.2 version of GCC (if the OS is Ubuntu 12.04.4 LTS, then you have installed GCC version 4.8 and g++ 4.8.
Then execute the following command:

# sudo apt-get install python-software-properties# sudo add-apt-repository ppa:ubuntu-toolchain-r/test# sudo apt-get update# sudo apt-get install gcc-4.8 g++-4.8# sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-4.8 60 --slave /usr/bin/g++ g++ /usr/bin/g++-4.8

4. Then continue

# cd infer# ./update-fcp.sh# ../facebook-clang-plugin/clang/setup.sh  # go have a coffee :)# ./compile-fcp.sh# make -C infer# export PATH=`pwd`/infer/bin:$PATH

Iv. another installation of infer 1, download

You can also download the binary release package directly
Mac OS x version: Https://github.com/facebook/infer/releases/download/v0.1.0/infer-osx-v0.1.0.tar.xz
Linux Release pack: HTTPS://GITHUB.COM/FACEBOOK/INFER/RELEASES/DOWNLOAD/V0.1.0/INFER-LINUX64-V0.1.0.TAR.XZ

2. Installation

Unzip the binary release package

# tar xf infer-linux64-v0.1.0.tar.xz

The infer-linux64-v0.1.0 directory is then created, and the infer main executable program is located in the Infer-linux64-v0.1.0/infer/infer/bin directory.

3. Add the infer to the PATH environment variable

# cd infer-linux64-v0.1.0 &&# echo "export PATH=\"\$PATH:`pwd`/infer/infer/bin\"" \ >> ~/.bash_profile &&# source ~/.bash_profile

Java Static Code analysis tool infer