|
|
|
NAME
|
|
|
|
infer-report - compute and manipulate infer results
|
|
|
|
|
|
|
|
SYNOPSIS
|
|
|
|
infer report [options] [file.specs...]
|
|
|
|
|
|
|
|
|
|
|
|
DESCRIPTION
|
|
|
|
Read, convert, and print .specs files in the results directory. Each
|
|
|
|
spec is printed to standard output unless option -q is used.
|
|
|
|
|
|
|
|
If no specs file are passed on the command line, process all the
|
|
|
|
.specs in the results directory.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
OPTIONS
|
|
|
|
--censor-report +string
|
|
|
|
Specify a filter for issues to be censored by adding a
|
|
|
|
'censored_reason' field in the json report. Infer will not report
|
|
|
|
censored issues on the console output and in bugs.txt, but tools
|
|
|
|
that post-process the json report can take them into account. If
|
|
|
|
multiple filters are specified, they are applied in the order in
|
|
|
|
which they are specified. Each filter is applied to each issue
|
|
|
|
detected, and only issues which are accepted by all filters are
|
|
|
|
reported. Each filter is of the form:
|
|
|
|
`<issue_type_regex>:<filename_regex>:<reason_string>`. The first
|
|
|
|
two components are OCaml Str regular expressions, with an optional
|
|
|
|
`!` character prefix. If a regex has a `!` prefix, the polarity is
|
|
|
|
inverted, and the filter becomes a "blacklist" instead of a
|
|
|
|
"whitelist". Each filter is interpreted as an implication: an
|
|
|
|
issue matches if it does not match the `issue_type_regex` or if it
|
|
|
|
does match the `filename_regex`. The filenames that are tested by
|
|
|
|
the regex are relative to the `--project-root` directory. The
|
|
|
|
`<reason_string>` is a non-empty string used to explain why the
|
|
|
|
issue was filtered.
|
|
|
|
|
|
|
|
--debug,-g
|
|
|
|
Activates: Debug mode (also sets --debug-level 2,
|
make --debug option side-effect free
Summary:
I found it very confusing that running infer with --debug makes the
report to be different.
Intuitively, I expect (and I think majority of users would expect) that
`--debug` makes things more verbose (and potentially more slow / consuming
more memory and disk space), but does not change anything apart from it.
One pro of preserving existing behavior, pointed by jvillard:
- Suppose some check is experimental or disabled in the config. The
users expect the issue to be found, but it does not show up. They run
`infer --debug` to understand the behavior, and suddenly the issue shows
up.
I, hovewer, find this pro not important enough and potentially confusing
the users even more.
(If they want to investigate seriously, they can always use
--no-filtering, and there are a lot of cases when the issue does not
show up for others, much hard to undertand reasons, than the fact that
it is disabled).
Reviewed By: jvillard
Differential Revision: D17113750
fbshipit-source-id: 46cc93503
5 years ago
|
|
|
--developer-mode, --print-buckets, --print-types,
|
|
|
|
--reports-include-ml-loc, --no-only-cheap-debug, --trace-error,
|
|
|
|
--write-dotty, --write-html) (Conversely: --no-debug | -G)
|
|
|
|
|
|
|
|
--debug-level level
|
|
|
|
Debug level (sets --bo-debug level, --debug-level-analysis level,
|
|
|
|
--debug-level-capture level, --debug-level-linters level):
|
|
|
|
- 0: only basic debugging enabled
|
|
|
|
- 1: verbose debugging enabled
|
|
|
|
- 2: very verbose debugging enabled
|
|
|
|
|
|
|
|
--debug-level-analysis int
|
|
|
|
Debug level for the analysis. See --debug-level for accepted
|
|
|
|
values.
|
|
|
|
|
|
|
|
--debug-level-capture int
|
|
|
|
Debug level for the capture. See --debug-level for accepted
|
|
|
|
values.
|
|
|
|
|
|
|
|
--debug-level-linters int
|
|
|
|
Debug level for the linters. See --debug-level for accepted
|
|
|
|
values.
|
|
|
|
|
|
|
|
--no-deduplicate
|
|
|
|
Deactivates: Apply issue-specific deduplication during analysis
|
|
|
|
and/or reporting. (Conversely: --deduplicate)
|
|
|
|
|
|
|
|
--differential-filter-files string
|
|
|
|
Specify the file containing the list of source files for which a
|
|
|
|
differential report is desired. Source files should be specified
|
|
|
|
relative to project root or be absolute
|
|
|
|
|
|
|
|
--disable-issue-type +issue_type
|
|
|
|
Do not show reports coming from this type of issue. Each checker
|
|
|
|
can report a range of issue types. This option provides
|
|
|
|
fine-grained filtering over which types of issue should be
|
|
|
|
reported once the checkers have run. In particular, note that
|
|
|
|
disabling issue types does not make the corresponding checker not
|
|
|
|
run. Available issue types are as follows:
|
|
|
|
|
|
|
|
ANALYSIS_STOPS (disabled by default),
|
|
|
|
ARRAY_OUT_OF_BOUNDS_L1 (disabled by default),
|
|
|
|
ARRAY_OUT_OF_BOUNDS_L2 (disabled by default),
|
|
|
|
ARRAY_OUT_OF_BOUNDS_L3 (disabled by default),
|
|
|
|
Abduction_case_not_implemented (enabled by default),
|
|
|
|
Array_of_pointsto (enabled by default),
|
|
|
|
Assert_failure (enabled by default),
|
|
|
|
BIABD_USE_AFTER_FREE (enabled by default),
|
|
|
|
BUFFER_OVERRUN_L1 (enabled by default),
|
|
|
|
BUFFER_OVERRUN_L2 (enabled by default),
|
|
|
|
BUFFER_OVERRUN_L3 (enabled by default),
|
|
|
|
BUFFER_OVERRUN_L4 (disabled by default),
|
|
|
|
BUFFER_OVERRUN_L5 (disabled by default),
|
|
|
|
BUFFER_OVERRUN_R2 (enabled by default),
|
|
|
|
BUFFER_OVERRUN_S2 (enabled by default),
|
|
|
|
BUFFER_OVERRUN_T1 (enabled by default),
|
|
|
|
BUFFER_OVERRUN_U5 (disabled by default),
|
|
|
|
Bad_footprint (enabled by default),
|
|
|
|
CAPTURED_STRONG_SELF (enabled by default),
|
|
|
|
CHECKERS_ALLOCATES_MEMORY (enabled by default),
|
|
|
|
CHECKERS_ANNOTATION_REACHABILITY_ERROR (enabled by default),
|
|
|
|
CHECKERS_CALLS_EXPENSIVE_METHOD (enabled by default),
|
|
|
|
CHECKERS_EXPENSIVE_OVERRIDES_UNANNOTATED (enabled by default),
|
|
|
|
CHECKERS_FRAGMENT_RETAINS_VIEW (enabled by default),
|
|
|
|
CHECKERS_IMMUTABLE_CAST (enabled by default),
|
|
|
|
CHECKERS_PRINTF_ARGS (enabled by default),
|
|
|
|
CLASS_CAST_EXCEPTION (disabled by default),
|
|
|
|
CLASS_LOAD (enabled by default),
|
|
|
|
COMPARING_FLOAT_FOR_EQUALITY (enabled by default),
|
|
|
|
COMPONENT_FACTORY_FUNCTION (enabled by default),
|
|
|
|
COMPONENT_FILE_CYCLOMATIC_COMPLEXITY (enabled by default),
|
|
|
|
COMPONENT_FILE_LINE_COUNT (enabled by default),
|
|
|
|
COMPONENT_INITIALIZER_WITH_SIDE_EFFECTS (enabled by default),
|
|
|
|
COMPONENT_WITH_MULTIPLE_FACTORY_METHODS (enabled by default),
|
|
|
|
COMPONENT_WITH_UNCONVENTIONAL_SUPERCLASS (enabled by default),
|
|
|
|
CONDITION_ALWAYS_FALSE (disabled by default),
|
|
|
|
CONDITION_ALWAYS_TRUE (disabled by default),
|
|
|
|
CONSTANT_ADDRESS_DEREFERENCE (disabled by default),
|
|
|
|
CREATE_INTENT_FROM_URI (enabled by default),
|
|
|
|
CROSS_SITE_SCRIPTING (enabled by default),
|
|
|
|
Cannot_star (enabled by default),
|
|
|
|
Codequery (enabled by default),
|
|
|
|
DANGLING_POINTER_DEREFERENCE (disabled by default),
|
|
|
|
DEADLOCK (enabled by default),
|
|
|
|
DEAD_STORE (enabled by default),
|
|
|
|
DEALLOCATE_STACK_VARIABLE (enabled by default),
|
|
|
|
DEALLOCATE_STATIC_MEMORY (enabled by default),
|
|
|
|
DEALLOCATION_MISMATCH (enabled by default),
|
|
|
|
DIVIDE_BY_ZERO (disabled by default),
|
|
|
|
DO_NOT_REPORT (enabled by default),
|
|
|
|
EMPTY_VECTOR_ACCESS (enabled by default),
|
|
|
|
ERADICATE_CONDITION_REDUNDANT (enabled by default),
|
|
|
|
ERADICATE_CONDITION_REDUNDANT_NONNULL (enabled by default),
|
|
|
|
ERADICATE_FIELD_NOT_INITIALIZED (enabled by default),
|
|
|
|
ERADICATE_FIELD_NOT_NULLABLE (enabled by default),
|
|
|
|
ERADICATE_FIELD_OVER_ANNOTATED (enabled by default),
|
|
|
|
ERADICATE_INCONSISTENT_SUBCLASS_PARAMETER_ANNOTATION (enabled
|
|
|
|
by default),
|
|
|
|
ERADICATE_INCONSISTENT_SUBCLASS_RETURN_ANNOTATION (enabled by
|
|
|
|
default),
|
|
|
|
ERADICATE_NULLABLE_DEREFERENCE (enabled by default),
|
|
|
|
ERADICATE_PARAMETER_NOT_NULLABLE (enabled by default),
|
|
|
|
ERADICATE_RETURN_NOT_NULLABLE (enabled by default),
|
|
|
|
ERADICATE_RETURN_OVER_ANNOTATED (enabled by default),
|
|
|
|
ERADICATE_UNCHECKED_USAGE_IN_NULLSAFE (enabled by default),
|
|
|
|
ERADICATE_UNVETTED_THIRD_PARTY_IN_NULLSAFE (enabled by
|
|
|
|
default),
|
|
|
|
EXECUTION_TIME_COMPLEXITY_INCREASE (enabled by default),
|
|
|
|
EXECUTION_TIME_COMPLEXITY_INCREASE_COLD_START (enabled by
|
|
|
|
default),
|
|
|
|
EXECUTION_TIME_COMPLEXITY_INCREASE_UI_THREAD (enabled by
|
|
|
|
default),
|
|
|
|
EXPENSIVE_EXECUTION_TIME (disabled by default),
|
|
|
|
EXPENSIVE_EXECUTION_TIME_COLD_START (disabled by default),
|
|
|
|
EXPENSIVE_EXECUTION_TIME_UI_THREAD (disabled by default),
|
|
|
|
EXPENSIVE_LOOP_INVARIANT_CALL (enabled by default),
|
|
|
|
EXPOSED_INSECURE_INTENT_HANDLING (enabled by default),
|
|
|
|
Failure_exe (enabled by default),
|
|
|
|
GLOBAL_VARIABLE_INITIALIZED_WITH_FUNCTION_OR_METHOD_CALL
|
|
|
|
(disabled by default),
|
|
|
|
GUARDEDBY_VIOLATION (enabled by default),
|
|
|
|
IMPURE_FUNCTION (enabled by default),
|
|
|
|
INEFFICIENT_KEYSET_ITERATOR (enabled by default),
|
|
|
|
INFERBO_ALLOC_IS_BIG (enabled by default),
|
|
|
|
INFERBO_ALLOC_IS_NEGATIVE (enabled by default),
|
|
|
|
INFERBO_ALLOC_IS_ZERO (enabled by default),
|
|
|
|
INFERBO_ALLOC_MAY_BE_BIG (enabled by default),
|
|
|
|
INFERBO_ALLOC_MAY_BE_NEGATIVE (enabled by default),
|
|
|
|
INFERBO_ALLOC_MAY_BE_TAINTED (enabled by default),
|
|
|
|
INFINITE_EXECUTION_TIME (disabled by default),
|
|
|
|
INHERENTLY_DANGEROUS_FUNCTION (enabled by default),
|
|
|
|
INSECURE_INTENT_HANDLING (enabled by default),
|
|
|
|
INTEGER_OVERFLOW_L1 (enabled by default),
|
|
|
|
INTEGER_OVERFLOW_L2 (enabled by default),
|
|
|
|
INTEGER_OVERFLOW_L5 (disabled by default),
|
|
|
|
INTEGER_OVERFLOW_R2 (enabled by default),
|
|
|
|
INTEGER_OVERFLOW_U5 (disabled by default),
|
|
|
|
INTERFACE_NOT_THREAD_SAFE (enabled by default),
|
|
|
|
INVARIANT_CALL (disabled by default),
|
|
|
|
IVAR_NOT_NULL_CHECKED (enabled by default),
|
|
|
|
Internal_error (enabled by default),
|
|
|
|
JAVASCRIPT_INJECTION (enabled by default),
|
|
|
|
LOCKLESS_VIOLATION (enabled by default),
|
|
|
|
LOCK_CONSISTENCY_VIOLATION (enabled by default),
|
|
|
|
LOGGING_PRIVATE_DATA (enabled by default),
|
|
|
|
Leak_after_array_abstraction (enabled by default),
|
|
|
|
Leak_in_footprint (enabled by default),
|
|
|
|
MEMORY_LEAK (enabled by default),
|
|
|
|
MISSING_REQUIRED_PROP (enabled by default),
|
|
|
|
MIXED_SELF_WEAKSELF (enabled by default),
|
|
|
|
MULTIPLE_WEAKSELF (enabled by default),
|
|
|
|
MUTABLE_LOCAL_VARIABLE_IN_COMPONENT_FILE (enabled by default),
|
|
|
|
Missing_fld (enabled by default),
|
|
|
|
NULLPTR_DEREFERENCE (disabled by default),
|
|
|
|
NULLSAFE_FIELD_NOT_NULLABLE (enabled by default),
|
|
|
|
NULLSAFE_NULLABLE_DEREFERENCE (enabled by default),
|
|
|
|
NULL_DEREFERENCE (enabled by default),
|
|
|
|
NULL_TEST_AFTER_DEREFERENCE (disabled by default),
|
|
|
|
PARAMETER_NOT_NULL_CHECKED (enabled by default),
|
|
|
|
POINTER_SIZE_MISMATCH (enabled by default),
|
|
|
|
PRECONDITION_NOT_FOUND (enabled by default),
|
|
|
|
PRECONDITION_NOT_MET (enabled by default),
|
|
|
|
PREMATURE_NIL_TERMINATION_ARGUMENT (enabled by default),
|
|
|
|
PURE_FUNCTION (enabled by default),
|
|
|
|
QUANDARY_TAINT_ERROR (enabled by default),
|
|
|
|
REGISTERED_OBSERVER_BEING_DEALLOCATED (enabled by default),
|
|
|
|
RESOURCE_LEAK (enabled by default),
|
|
|
|
RETAIN_CYCLE (enabled by default),
|
|
|
|
RETURN_EXPRESSION_REQUIRED (enabled by default),
|
|
|
|
RETURN_STATEMENT_MISSING (enabled by default),
|
|
|
|
RETURN_VALUE_IGNORED (disabled by default),
|
|
|
|
SHELL_INJECTION (enabled by default),
|
|
|
|
SHELL_INJECTION_RISK (enabled by default),
|
|
|
|
SKIP_FUNCTION (enabled by default),
|
|
|
|
SKIP_POINTER_DEREFERENCE (enabled by default),
|
|
|
|
SQL_INJECTION (enabled by default),
|
|
|
|
SQL_INJECTION_RISK (enabled by default),
|
|
|
|
STACK_VARIABLE_ADDRESS_ESCAPE (disabled by default),
|
|
|
|
STARVATION (enabled by default),
|
|
|
|
STATIC_INITIALIZATION_ORDER_FIASCO (enabled by default),
|
|
|
|
STRICT_MODE_VIOLATION (enabled by default),
|
|
|
|
STRONG_SELF_NOT_CHECKED (enabled by default),
|
|
|
|
Symexec_memory_error (enabled by default),
|
|
|
|
TAINTED_BUFFER_ACCESS (enabled by default),
|
|
|
|
TAINTED_MEMORY_ALLOCATION (enabled by default),
|
|
|
|
THREAD_SAFETY_VIOLATION (enabled by default),
|
|
|
|
TOPL_ERROR (enabled by default),
|
|
|
|
UNARY_MINUS_APPLIED_TO_UNSIGNED_EXPRESSION (disabled by
|
|
|
|
default),
|
|
|
|
UNINITIALIZED_VALUE (enabled by default),
|
|
|
|
UNREACHABLE_CODE (enabled by default),
|
|
|
|
UNTRUSTED_BUFFER_ACCESS (disabled by default),
|
|
|
|
UNTRUSTED_DESERIALIZATION (enabled by default),
|
|
|
|
UNTRUSTED_DESERIALIZATION_RISK (enabled by default),
|
|
|
|
UNTRUSTED_ENVIRONMENT_CHANGE_RISK (enabled by default),
|
|
|
|
UNTRUSTED_FILE (enabled by default),
|
|
|
|
UNTRUSTED_FILE_RISK (enabled by default),
|
|
|
|
UNTRUSTED_HEAP_ALLOCATION (disabled by default),
|
|
|
|
UNTRUSTED_INTENT_CREATION (enabled by default),
|
|
|
|
UNTRUSTED_URL_RISK (enabled by default),
|
|
|
|
UNTRUSTED_VARIABLE_LENGTH_ARRAY (enabled by default),
|
|
|
|
USER_CONTROLLED_SQL_RISK (enabled by default),
|
|
|
|
USE_AFTER_DELETE (enabled by default),
|
|
|
|
USE_AFTER_FREE (enabled by default),
|
|
|
|
USE_AFTER_LIFETIME (enabled by default),
|
|
|
|
Unknown_proc (enabled by default),
|
|
|
|
VECTOR_INVALIDATION (enabled by default),
|
|
|
|
WEAK_SELF_IN_NO_ESCAPE_BLOCK (enabled by default),
|
|
|
|
Wrong_argument_number (enabled by default),
|
|
|
|
ZERO_EXECUTION_TIME (disabled by default).
|
|
|
|
|
|
|
|
|
|
|
|
--enable-issue-type +issue_type
|
|
|
|
Show reports coming from this type of issue. By default, all issue
|
|
|
|
types are enabled except the ones listed in --disable-issue-type.
|
|
|
|
Note that enabling issue types does not make the corresponding
|
|
|
|
checker run; see individual checker options to turn them on or
|
|
|
|
off.
|
|
|
|
|
|
|
|
--no-filtering,-F
|
|
|
|
Deactivates: Do not show the experimental and blacklisted issue
|
|
|
|
types (Conversely: --filtering | -f)
|
|
|
|
|
|
|
|
--from-json-report report.json
|
|
|
|
Load analysis results from a report file (default is to load the
|
|
|
|
results from the specs files generated by the analysis).
|
|
|
|
|
|
|
|
--help
|
|
|
|
Show this manual
|
|
|
|
|
|
|
|
--help-format { auto | groff | pager | plain }
|
|
|
|
Show this help in the specified format. auto sets the format to
|
|
|
|
plain if the environment variable TERM is "dumb" or undefined, and
|
|
|
|
to pager otherwise.
|
|
|
|
|
|
|
|
--help-full
|
|
|
|
Show this manual with all internal options in the INTERNAL OPTIONS
|
|
|
|
section
|
|
|
|
|
|
|
|
--issues-fields ,-separated sequence of { bug_type | bucket |
|
|
|
|
qualifier | severity | line | column | procedure |
|
|
|
|
procedure_start_line | file | bug_trace | key | hash | line_offset |
|
|
|
|
qualifier_contains_potential_exception_note }
|
|
|
|
Fields to emit with --issues-tests
|
|
|
|
|
|
|
|
--issues-tests file
|
|
|
|
Write a list of issues in a format suitable for tests to file
|
|
|
|
|
|
|
|
--issues-txt file
|
|
|
|
Write a list of issues in text format to file (default:
|
|
|
|
infer-out/bugs.txt)
|
|
|
|
|
|
|
|
--print-logs
|
|
|
|
Activates: Also log messages to stdout and stderr (Conversely:
|
|
|
|
--no-print-logs)
|
|
|
|
|
|
|
|
--project-root,-C dir
|
|
|
|
Specify the root directory of the project
|
|
|
|
|
|
|
|
--quiet,-q
|
|
|
|
Activates: Do not print specs on standard output (default: only
|
|
|
|
print for the report command) (Conversely: --no-quiet | -Q)
|
|
|
|
|
|
|
|
--report-blacklist-files-containing +string
|
|
|
|
Do not report any issues on files containing the specified string
|
|
|
|
|
|
|
|
--report-blacklist-path-regex +path_regex
|
|
|
|
Do not report any issues on files whose relative path matches the
|
|
|
|
specified OCaml regex, even if they match the whitelist specified
|
|
|
|
by --report-whitelist-path-regex
|
|
|
|
|
|
|
|
--report-formatter { none | phabricator }
|
|
|
|
Which formatter to use when emitting the report
|
|
|
|
|
|
|
|
--report-suppress-errors +error_name
|
|
|
|
do not report a type of errors
|
|
|
|
|
|
|
|
--report-whitelist-path-regex +path_regex
|
|
|
|
Report issues only on files whose relative path matches the
|
|
|
|
specified OCaml regex (and which do not match
|
|
|
|
--report-blacklist-path-regex)
|
|
|
|
|
|
|
|
--results-dir,-o dir
|
|
|
|
Write results and internal files in the specified directory
|
|
|
|
|
|
|
|
--skip-analysis-in-path-skips-compilation
|
|
|
|
Activates: Whether paths in --skip-analysis-in-path should be
|
|
|
|
compiled or not (Conversely:
|
|
|
|
--no-skip-analysis-in-path-skips-compilation)
|
|
|
|
HOISTING OPTIONS
|
|
|
|
--no-hoisting-report-only-expensive
|
|
|
|
Deactivates: [Hoisting] Report loop-invariant calls only when the
|
|
|
|
function is expensive, i.e. at least linear (Conversely:
|
|
|
|
--hoisting-report-only-expensive)
|
|
|
|
|
|
|
|
|
|
|
|
ENVIRONMENT
|
|
|
|
INFER_ARGS, INFERCONFIG, INFER_STRICT_MODE
|
|
|
|
See the ENVIRONMENT section in the manual of infer(1).
|
|
|
|
|
|
|
|
FILES
|
|
|
|
.inferconfig
|
|
|
|
See the FILES section in the manual of infer(1).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
SEE ALSO
|
|
|
|
infer-reportdiff(1), infer-run(1)
|
|
|
|
|
|
|
|
|
|
|
|
|