You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

478 lines
18 KiB

NAME
infer-analyze - analyze the files captured by infer
SYNOPSIS
infer analyze [options]
infer [options]
DESCRIPTION
Analyze the files captured in the project results directory and
report.
OPTIONS
--annotation-reachability
Activates: the annotation reachability checker. Given a pair of
source and sink annotation, e.g. @PerformanceCritical and
@Expensive, this checker will warn whenever some method annotated
with @PerformanceCritical calls, directly or indirectly, another
method annotated with @Expensive (Conversely:
--no-annotation-reachability)
--annotation-reachability-only
Activates: Enable --annotation-reachability and disable all other
checkers (Conversely: --no-annotation-reachability-only)
--no-biabduction
Deactivates: the separation logic based bi-abduction analysis
using the checkers framework (Conversely: --biabduction)
--biabduction-only
Activates: Enable --biabduction and disable all other checkers
(Conversely: --no-biabduction-only)
--bufferoverrun
Activates: the buffer overrun analysis (Conversely:
--no-bufferoverrun)
--bufferoverrun-only
Activates: Enable --bufferoverrun and disable all other checkers
(Conversely: --no-bufferoverrun-only)
--changed-files-index file
Specify the file containing the list of source files from which
reactive analysis should start. Source files should be specified
relative to project root or be absolute
--class-loads
Activates: Java class loading analysis (Conversely:
--no-class-loads)
--class-loads-only
Activates: Enable --class-loads and disable all other checkers
(Conversely: --no-class-loads-only)
--continue-analysis
Activates: Continue the analysis after more targets are captured
by --continue. The other analysis options should be given the same
before. Not compatible with --reanalyze and
--incremental-analysis. (Conversely: --no-continue-analysis)
--cost
Activates: checker for performance cost analysis (Conversely:
--no-cost)
--cost-only
Activates: Enable --cost and disable all other checkers
(Conversely: --no-cost-only)
--custom-symbols json
Specify named lists of symbols available to rules
--debug,-g
Activates: Debug mode (also sets --debug-level 2,
--developer-mode, --print-buckets, --print-types,
--reports-include-ml-loc, --no-only-cheap-debug, --trace-error,
--write-dotty, --write-html) (Conversely: --no-debug | -G)
--debug-level level
Debug level (sets --bo-debug level, --debug-level-analysis level,
--debug-level-capture level, --debug-level-linters level):
- 0: only basic debugging enabled
- 1: verbose debugging enabled
- 2: very verbose debugging enabled
--debug-level-analysis int
Debug level for the analysis. See --debug-level for accepted
values.
--debug-level-capture int
Debug level for the capture. See --debug-level for accepted
values.
--debug-level-linters int
Debug level for the linters. See --debug-level for accepted
values.
--no-deduplicate
Deactivates: Apply issue-specific deduplication during analysis
and/or reporting. (Conversely: --deduplicate)
--no-default-checkers
Deactivates: Default checkers: --biabduction,
--fragment-retains-view, --inefficient-keyset-iterator, --linters,
--liveness, --racerd, --siof, --self_in_block, --starvation,
--uninit (Conversely: --default-checkers)
--eradicate
Activates: the eradicate @Nullable checker for Java annotations
(Conversely: --no-eradicate)
--eradicate-only
Activates: Enable --eradicate and disable all other checkers
(Conversely: --no-eradicate-only)
--no-fragment-retains-view
Deactivates: detects when Android fragments are not explicitly
nullified before becoming unreabable (Conversely:
--fragment-retains-view)
--fragment-retains-view-only
Activates: Enable --fragment-retains-view and disable all other
checkers (Conversely: --no-fragment-retains-view-only)
--help
Show this manual
--help-format { auto | groff | pager | plain }
Show this help in the specified format. auto sets the format to
plain if the environment variable TERM is "dumb" or undefined, and
to pager otherwise.
--help-full
Show this manual with all internal options in the INTERNAL OPTIONS
section
--immutable-cast
Activates: the detection of object cast from immutable type to
mutable type. For instance, it will detect cast from ImmutableList
to List, ImmutableMap to Map, and ImmutableSet to Set.
(Conversely: --no-immutable-cast)
--immutable-cast-only
Activates: Enable --immutable-cast and disable all other checkers
(Conversely: --no-immutable-cast-only)
--impurity
Activates: [EXPERIMENTAL] Impurity analysis (Conversely:
--no-impurity)
--impurity-only
Activates: Enable --impurity and disable all other checkers
(Conversely: --no-impurity-only)
--no-inefficient-keyset-iterator
Deactivates: Check for inefficient uses of keySet iterator that
access both the key and the value. (Conversely:
--inefficient-keyset-iterator)
--inefficient-keyset-iterator-only
Activates: Enable --inefficient-keyset-iterator and disable all
other checkers (Conversely: --no-inefficient-keyset-iterator-only)
--jobs,-j int
Run the specified number of analysis jobs simultaneously
--keep-going
Activates: Keep going when the analysis encounters a failure
(Conversely: --no-keep-going)
--no-linters
Deactivates: syntactic linters (Conversely: --linters)
--linters-only
Activates: Enable --linters and disable all other checkers
(Conversely: --no-linters-only)
--litho-required-props
Activates: [EXPERIMENTAL] Required Prop check for Litho
(Conversely: --no-litho-required-props)
--litho-required-props-only
Activates: Enable --litho-required-props and disable all other
checkers (Conversely: --no-litho-required-props-only)
--no-liveness
Deactivates: the detection of dead stores and unused variables
(Conversely: --liveness)
--liveness-only
Activates: Enable --liveness and disable all other checkers
(Conversely: --no-liveness-only)
--loop-hoisting
Activates: checker for loop-hoisting (Conversely:
--no-loop-hoisting)
--loop-hoisting-only
Activates: Enable --loop-hoisting and disable all other checkers
(Conversely: --no-loop-hoisting-only)
--perf-profiler-data-file file
DEPRECATED: Specify the file containing perf profiler data to read
--print-active-checkers
Activates: Print the active checkers before starting the analysis
(Conversely: --no-print-active-checkers)
--print-logs
Activates: Also log messages to stdout and stderr (Conversely:
--no-print-logs)
--printf-args
Activates: the detection of mismatch between the Java printf
format strings and the argument types For, example, this checker
will warn about the type error in `printf("Hello %d", "world")`
(Conversely: --no-printf-args)
--printf-args-only
Activates: Enable --printf-args and disable all other checkers
(Conversely: --no-printf-args-only)
--progress-bar-style { auto | plain | multiline }
Style of the progress bar. auto selects multiline if connected to
a tty, otherwise plain.
--project-root,-C dir
Specify the root directory of the project
--pulse
Activates: [EXPERIMENTAL] memory and lifetime analysis
(Conversely: --no-pulse)
--pulse-cut-to-one-path-procedures-pattern string
Regex of methods for which pulse will only explore one path. Can
be used on pathologically large procedures to prevent too-big
states from being produced.
--pulse-model-alloc-pattern string
Regex of methods that should be modelled as allocs in Pulse
--pulse-model-release-pattern string
Regex of methods that should be modelled as release in Pulse
--pulse-model-transfer-ownership +string
Methods that should be modelled as transfering memory ownership in
Pulse. Accepted formats are method or namespace::method
--pulse-only
Activates: Enable --pulse and disable all other checkers
(Conversely: --no-pulse-only)
--purity
Activates: [EXPERIMENTAL] Purity analysis (Conversely:
--no-purity)
--purity-only
Activates: Enable --purity and disable all other checkers
(Conversely: --no-purity-only)
--quandary
Activates: the quandary taint analysis (Conversely: --no-quandary)
--quandary-only
Activates: Enable --quandary and disable all other checkers
(Conversely: --no-quandary-only)
--quiet,-q
Activates: Do not print anything on standard output. (Conversely:
--no-quiet | -Q)
--no-racerd
Deactivates: the RacerD thread safety analysis (Conversely:
--racerd)
--racerd-only
Activates: Enable --racerd and disable all other checkers
(Conversely: --no-racerd-only)
--reactive,-r
Activates: Reactive mode: the analysis starts from the files
captured since the infer command started (Conversely:
--no-reactive | -R)
--no-report
Deactivates: Run the reporting phase once the analysis has
completed (Conversely: --report)
--report-force-relative-path
Activates: Force converting an absolute path to a relative path to
the root directory (Conversely: --no-report-force-relative-path)
--results-dir,-o dir
Write results and internal files in the specified directory
--no-self_in_block
Deactivates: checker to flag incorrect uses of when Objective-C
blocks capture self (Conversely: --self_in_block)
--self_in_block-only
Activates: Enable --self_in_block and disable all other checkers
(Conversely: --no-self_in_block-only)
--no-siof
Deactivates: the Static Initialization Order Fiasco analysis (C++
only) (Conversely: --siof)
--siof-only
Activates: Enable --siof and disable all other checkers
(Conversely: --no-siof-only)
--sqlite-cache-size int
SQLite cache size in pages (if positive) or kB (if negative),
follows formal of corresponding SQLite PRAGMA.
--sqlite-lock-timeout int
Timeout for SQLite results database operations, in milliseconds.
--sqlite-page-size int
SQLite page size in bytes, must be a power of two between 512 and
65536.
--no-starvation
Deactivates: starvation analysis (Conversely: --starvation)
--starvation-only
Activates: Enable --starvation and disable all other checkers
(Conversely: --no-starvation-only)
--no-uninit
Deactivates: checker for use of uninitialized values (Conversely:
--uninit)
--uninit-only
Activates: Enable --uninit and disable all other checkers
(Conversely: --no-uninit-only)
BUCK OPTIONS
--merge
Activates: Merge the captured results directories specified in the
dependency file. (Conversely: --no-merge)
BUFFER OVERRUN OPTIONS
--bo-debug int
Debug level for buffer-overrun checker (0-4)
--bo-field-depth-limit int
Limit of field depth of abstract location in buffer-overrun
checker
--bo-service-handler-request
Activates: [EXPERIMENTAL] Use taint flow of service handler
requests in buffer overflow checking. (Conversely:
--no-bo-service-handler-request)
CLANG OPTIONS
--annotation-reachability-cxx json
Specify annotation reachability analyses to be performed on
C/C++/ObjC code. Each entry is a JSON object whose key is the
issue name. "sources" and "sinks" can be specified either by
symbol (including regexps) or path prefix. "sinks" optionally can
specify "overrides" (by symbol or path prefix) that block the
reachability analysis when hit. Example: {
"ISOLATED_REACHING_CONNECT": {
"doc_url":
"http:://example.com/issue/doc/optional_link.html",
"sources": {
"desc": "Code that should not call connect [optional]",
"paths": [ "isolated/" ]
},
"sinks": {
"symbols": [ "connect" ],
"overrides": { "symbol_regexps": [ ".*::Trusted::.*" ] }
}
}
}
This will cause us to create a new ISOLATED_REACHING_CONNECT
issue for every function whose source path starts with "isolated/"
that may reach the function named "connect", ignoring paths that
go through a symbol matching the OCaml regexp ".*::Trusted::.*".
--annotation-reachability-cxx-sources json
Override sources in all cxx annotation reachability specs with the
given sources spec
--clang-compound-literal-init-limit int
Limit after which initialization of compound types (structs and
arrays) is not done element by element but using a builtin
function that each analysis has to model.
--cxx-scope-guards json
Specify scope guard classes that can be read only by destructors
without being reported as dead stores.
--liveness-dangerous-classes json
Specify classes where the destructor should be ignored when
computing liveness. In other words, assignement to variables of
these types (or common wrappers around these types such as
unique_ptr<type>) will count as dead stores when the variables are
not read explicitly by the program.
--ml-buckets ,-separated sequence of { all | cf | arc | narc | cpp |
unknown_origin }
Specify the memory leak buckets to be checked in C++:
- cpp from C++ code
--unsafe-malloc
Activates: Assume that malloc(3) never returns null. (Conversely:
--no-unsafe-malloc)
JAVA OPTIONS
--annotation-reachability-custom-pairs json
Specify custom sources/sink for the annotation reachability
checker Example format: for custom annotations
com.my.annotation.{Source1,Source2,Sink1}
{ "sources" : ["Source1", "Source2"], "sink" : "Sink1" }
--external-java-packages +prefix
Specify a list of Java package prefixes for external Java
packages. If set, the analysis will not report non-actionable
warnings on those packages.
--java-version int
The version of Java being used. Set it to your Java version if mvn
is failing.
QUANDARY CHECKER OPTIONS
--quandary-endpoints json
Specify endpoint classes for Quandary
--quandary-sanitizers json
Specify custom sanitizers for Quandary
--quandary-sinks json
Specify custom sinks for Quandary
--quandary-sources json
Specify custom sources for Quandary
RACERD CHECKER OPTIONS
--racerd-guardedby
Activates: Check @GuardedBy annotations with RacerD (Conversely:
--no-racerd-guardedby)
--no-racerd-unknown-returns-owned
Deactivates: DEPRECATED, does nothing. (Conversely:
--racerd-unknown-returns-owned)
--threadsafe-aliases json
Specify custom annotations that should be considered aliases of
@ThreadSafe
SIOF CHECKER OPTIONS
--siof-check-iostreams
Activates: Do not assume that iostreams (cout, cerr, ...) are
always initialized. The default is to assume they are always
initialized to avoid false positives. However, if your program
compiles against a recent libstdc++ then it is safe to turn this
option on. (Conversely: --no-siof-check-iostreams)
--siof-safe-methods +string
Methods that are SIOF-safe; "foo::bar" will match "foo::bar()",
"foo<int>::bar()", etc. (can be specified multiple times)
ENVIRONMENT
INFER_ARGS, INFERCONFIG, INFER_STRICT_MODE
See the ENVIRONMENT section in the manual of infer(1).
FILES
.inferconfig
See the FILES section in the manual of infer(1).
SEE ALSO
infer-report(1), infer-run(1)