infer_clone/website/versioned_docs/version-0.17.0/01-experimental-checkers.md

---
id: experimental-checkers
title: "Infer : Experimental Checkers"
---

Infer contains a number of experimental checkers that can be run using just like
the normal infer analysis
`infer -a checkers --<checker_name> -- <your build command>`. `checker_name` can
be `bufferoverrun`, `siof`, or `quandary`. We'll explain the capabilities of
each experimental checker, its level of maturity (on a scale including "in
development", "medium", and "probably deployable"), and the language(s) it
targets.

# Inferbo

- Languages: C (but should be easy to adapt to Objective-C/C++, and possibly
  Java.)
- Maturity: Medium

Inferbo is a detector for out-of-bounds array accesses. You can read all about
it in this blog
[post](https://research.fb.com/inferbo-infer-based-buffer-overrun-analyzer/). It
has been tuned for C, but we are planning to adapt it to other languages in the
near future.

# Quandary

- Languages: Java, C/C++
- Maturity: Medium

Quandary is a static taint analyzer that identifies a variety of unsafe
information flows. It has a small list of built-in
[sources](https://github.com/facebook/infer/blob/master/infer/src/quandary/JavaTrace.ml#L36)
and
[sinks](https://github.com/facebook/infer/blob/master/infer/src/quandary/JavaTrace.ml#L178),
and you can define custom sources and sinks in your `.inferconfig` file (see
example
[here](https://github.com/facebook/infer/blob/master/infer/tests/codetoanalyze/java/quandary/.inferconfig)).
[website] version documentation Summary: This doesn't change the website for now except that, if you can guess the URL, you can now access /docs/next/<page> and /docs/0.17.0/<page> in addition to /docs/<page>. This is all automatically handled by Docusaurus, nice! We still need to manually version static/man/ and static/odoc/. The 0.17.0 versions are now in static/man/0.17.0/ and static/odoc/0.17.0/. I haven't created static/man/next/ and static/doc/next/ (corresponding to the "next" version) yet so some links in /docs/next/ are dead (but unreachable by visitors for now). A follow-up commit populates these with the man pages and odoc for the current master via an updated `make doc-publish` target (it's currently regressed to a broken state). Reviewed By: ngorogiannis Differential Revision: D21552099 fbshipit-source-id: 3238580fe 5 years ago			`---`
			`id: experimental-checkers`
			`title: "Infer : Experimental Checkers"`
			`---`

			`Infer contains a number of experimental checkers that can be run using just like`
			`the normal infer analysis`
			`infer -a checkers --<checker_name> -- <your build command>`. `checker_name` can
			be `bufferoverrun`, `siof`, or `quandary`. We'll explain the capabilities of
			`each experimental checker, its level of maturity (on a scale including "in`
			`development", "medium", and "probably deployable"), and the language(s) it`
			`targets.`

			`# Inferbo`

			`- Languages: C (but should be easy to adapt to Objective-C/C++, and possibly`
			`Java.)`
			`- Maturity: Medium`

			`Inferbo is a detector for out-of-bounds array accesses. You can read all about`
			`it in this blog`
			`[post](https://research.fb.com/inferbo-infer-based-buffer-overrun-analyzer/). It`
			`has been tuned for C, but we are planning to adapt it to other languages in the`
			`near future.`

			`# Quandary`

			`- Languages: Java, C/C++`
			`- Maturity: Medium`

			`Quandary is a static taint analyzer that identifies a variety of unsafe`
			`information flows. It has a small list of built-in`
			`[sources](https://github.com/facebook/infer/blob/master/infer/src/quandary/JavaTrace.ml#L36)`
			`and`
			`[sinks](https://github.com/facebook/infer/blob/master/infer/src/quandary/JavaTrace.ml#L178),`
			and you can define custom sources and sinks in your `.inferconfig` file (see
			`example`
			`[here](https://github.com/facebook/infer/blob/master/infer/tests/codetoanalyze/java/quandary/.inferconfig)).`