infer-analyze - analyze the files captured by infer
infer
analyze [options]
infer [options]
Analyze the files captured in the project results directory and report.
--annotation-reachability
Activates: the annotation reachability checker. Given a pair of source and sink annotation, e.g. @PerformanceCritical and @Expensive, this checker will warn whenever some method annotated with @PerformanceCritical calls, directly or indirectly, another method annotated with @Expensive (Conversely: --no-annotation-reachability)
--annotation-reachability-only
Activates: Enable --annotation-reachability and disable all other checkers (Conversely: --no-annotation-reachability-only)
--no-biabduction
Deactivates: the separation logic based bi-abduction analysis using the checkers framework (Conversely: --biabduction)
--biabduction-only
Activates: Enable --biabduction and disable all other checkers (Conversely: --no-biabduction-only)
--bufferoverrun
Activates: the buffer overrun analysis (Conversely: --no-bufferoverrun)
--bufferoverrun-only
Activates: Enable --bufferoverrun and disable all other checkers (Conversely: --no-bufferoverrun-only)
--changed-files-index file
Specify the file containing the list of source files from which reactive analysis should start. Source files should be specified relative to project root or be absolute
--class-loads
Activates: Java class loading analysis (Conversely: --no-class-loads)
--class-loads-only
Activates: Enable --class-loads and disable all other checkers (Conversely: --no-class-loads-only)
--continue
Activates: Continue the capture for the reactive analysis, increasing the changed files/procedures. (If a procedure was changed beforehand, keep the changed marking.) (Conversely: --no-continue)
--cost
Activates: checker for performance cost analysis (Conversely: --no-cost)
--cost-only
Activates: Enable --cost and disable all other checkers (Conversely: --no-cost-only)
--custom-symbols json
Specify named lists of symbols available to rules
--debug,-g
Activates: Debug mode (also sets --debug-level 2, --developer-mode, --no-filtering, --print-buckets, --print-types, --reports-include-ml-loc, --no-only-cheap-debug, --trace-error, --write-dotty, --write-html) (Conversely: --no-debug | -G)
--debug-level level
Debug level (sets --bo-debug level, --debug-level-analysis level, --debug-level-capture level, --debug-level-linters level):
- 0: only basic debugging
enabled
- 1: verbose debugging enabled
- 2: very verbose debugging enabled
--debug-level-analysis int
Debug level for the analysis. See --debug-level for accepted values.
--debug-level-capture int
Debug level for the capture. See --debug-level for accepted values.
--debug-level-linters int
Debug level for the linters. See --debug-level for accepted values.
--no-default-checkers
Deactivates: Default checkers: --biabduction, --fragment-retains-view, --inefficient-keyset-iterator, --linters, --liveness, --racerd, --siof, --starvation, --uninit (Conversely: --default-checkers)
--eradicate
Activates: the eradicate @Nullable checker for Java annotations (Conversely: --no-eradicate)
--eradicate-only
Activates: Enable --eradicate and disable all other checkers (Conversely: --no-eradicate-only)
--no-fragment-retains-view
Deactivates: detects when Android fragments are not explicitly nullified before becoming unreabable (Conversely: --fragment-retains-view)
--fragment-retains-view-only
Activates: Enable --fragment-retains-view and disable all other checkers (Conversely: --no-fragment-retains-view-only)
--help
Show this manual
--help-format { auto | groff | pager | plain }
Show this help in the specified format. auto sets the format to plain if the environment variable TERM is "dumb" or undefined, and to pager otherwise.
--help-full
Show this manual with all internal options in the INTERNAL OPTIONS section
--immutable-cast
Activates: the detection of object cast from immutable type to mutable type. For instance, it will detect cast from ImmutableList to List, ImmutableMap to Map, and ImmutableSet to Set. (Conversely: --no-immutable-cast)
--immutable-cast-only
Activates: Enable --immutable-cast and disable all other checkers (Conversely: --no-immutable-cast-only)
--no-inefficient-keyset-iterator
Deactivates: Check for inefficient uses of keySet iterator that access both the key and the value. (Conversely: --inefficient-keyset-iterator)
--inefficient-keyset-iterator-only
Activates: Enable --inefficient-keyset-iterator and disable all other checkers (Conversely: --no-inefficient-keyset-iterator-only)
--jobs,-j int
Run the specified number of analysis jobs simultaneously
--keep-going
Activates: Keep going when the analysis encounters a failure (Conversely: --no-keep-going)
--no-linters
Deactivates: syntactic linters (Conversely: --linters)
--linters-only
Activates: Enable --linters and disable all other checkers (Conversely: --no-linters-only)
--litho
Activates: Experimental checkers supporting the Litho framework (Conversely: --no-litho)
--litho-only
Activates: Enable --litho and disable all other checkers (Conversely: --no-litho-only)
--no-liveness
Deactivates: the detection of dead stores and unused variables (Conversely: --liveness)
--liveness-only
Activates: Enable --liveness and disable all other checkers (Conversely: --no-liveness-only)
--loop-hoisting
Activates: checker for loop-hoisting (Conversely: --no-loop-hoisting)
--loop-hoisting-only
Activates: Enable --loop-hoisting and disable all other checkers (Conversely: --no-loop-hoisting-only)
--nullsafe
Activates: [EXPERIMENTAL] Nullable type checker (incomplete: use --eradicate for now) (Conversely: --no-nullsafe)
--nullsafe-only
Activates: Enable --nullsafe and disable all other checkers (Conversely: --no-nullsafe-only)
--perf-profiler-data-file file
Specify the file containing perf profiler data to read
--print-active-checkers
Activates: Print the active checkers before starting the analysis (Conversely: --no-print-active-checkers)
--print-logs
Activates: Also log messages to stdout and stderr (Conversely: --no-print-logs)
--printf-args
Activates: the detection of mismatch between the Java printf format strings and the argument types For, example, this checker will warn about the type error in ’printf("Hello %d", "world")’ (Conversely: --no-printf-args)
--printf-args-only
Activates: Enable --printf-args and disable all other checkers (Conversely: --no-printf-args-only)
--progress-bar-style { auto | plain | multiline }
Style of the progress bar. auto selects multiline if connected to a tty, otherwise plain.
--project-root,-C dir
Specify the root directory of the project
--pulse
Activates: [EXPERIMENTAL] C++ lifetime analysis (Conversely: --no-pulse)
--pulse-only
Activates: Enable --pulse and disable all other checkers (Conversely: --no-pulse-only)
--purity
Activates: [EXPERIMENTAL] Purity analysis (Conversely: --no-purity)
--purity-only
Activates: Enable --purity and disable all other checkers (Conversely: --no-purity-only)
--quandary
Activates: the quandary taint analysis (Conversely: --no-quandary)
--quandary-only
Activates: Enable --quandary and disable all other checkers (Conversely: --no-quandary-only)
--quandaryBO
Activates: [EXPERIMENTAL] The quandaryBO tainted buffer access analysis (Conversely: --no-quandaryBO)
--quandaryBO-only
Activates: Enable --quandaryBO and disable all other checkers (Conversely: --no-quandaryBO-only)
--quiet,-q
Activates: Do not print specs on standard output (default: only print for the report command) (Conversely: --no-quiet | -Q)
--no-racerd
Deactivates: the RacerD thread safety analysis (Conversely: --racerd)
--racerd-only
Activates: Enable --racerd and disable all other checkers (Conversely: --no-racerd-only)
--reactive,-r
Activates: Reactive mode: the analysis starts from the files captured since the infer command started (Conversely: --no-reactive | -R)
--no-report
Deactivates: Run the reporting phase once the analysis has completed (Conversely: --report)
--report-force-relative-path
Activates: Force converting an absolute path to a relative path to the root directory (Conversely: --no-report-force-relative-path)
--report-hook script
Specify a script to be executed after the analysis results are written. This script will be passed, --issues-json, --issues-txt, --issues-xml, --project-root, and --results-dir.
--results-dir,-o dir
Write results and internal files in the specified directory
--no-siof
Deactivates: the Static Initialization Order Fiasco analysis (C++ only) (Conversely: --siof)
--siof-only
Activates: Enable --siof and disable all other checkers (Conversely: --no-siof-only)
--sqlite-lock-timeout int
Timeout for SQLite results database operations, in milliseconds.
--no-starvation
Deactivates: starvation analysis (Conversely: --starvation)
--starvation-only
Activates: Enable --starvation and disable all other checkers (Conversely: --no-starvation-only)
--no-uninit
Deactivates: checker for use of uninitialized values (Conversely: --uninit)
--uninit-only
Activates: Enable --uninit and disable all other checkers (Conversely: --no-uninit-only)
--biabduction-fallback-model-alloc-pattern string
Regex of methods that should be modelled as allocs if definition is missing
--biabduction-fallback-model-free-pattern string
Regex of methods that should be modelled as free if definition is missing
--merge
Activates: Merge the captured results directories specified in the dependency file (Conversely: --no-merge)
--bo-debug int
Debug level for buffer-overrun checker (0-4)
--bo-relational-domain { oct | poly }
Select a relational domain being used in the bufferoverrun checker (experimental)
--annotation-reachability-cxx json
Specify annotation reachability analyses to be performed on C/C++/ObjC code. Each entry is a JSON object whose key is the issue name. "sources" and "sinks" can be specified either by symbol or path prefix. "sinks" optionally can specify "overrides" (by symbol or path prefix) that block the reachability analysis when hit. Example:
{
"ISOLATED_REACHING_CONNECT": {
"doc_url":
"http:://optional/issue/doc/link.html",
"sources": {
"desc": "Code that should not call connect
[optional]",
"paths": [ "isolated/" ]
},
"sinks": {
"symbols": [ "connect" ],
"overrides": { "symbols": [
"Trusted::" ] }
}
}
}
This will cause us to create a new ISOLATED_REACHING_CONNECT
issue for every function whose source path starts with
"isolated/"
that may reach the function named "connect",
ignoring paths that
go through a symbol starting with "Trusted::".
--annotation-reachability-cxx-sources json
Override sources in all cxx annotation reachability specs with the given sources spec
--cxx-scope-guards json
Specify scope guard classes that can be read only by destructors without being reported as dead stores.
--liveness-dangerous-classes json
Specify classes where the destructor should be ignored when computing liveness. In other words, assignement to variables of these types (or common wrappers around these types such as unique_ptr<type>) will count as dead stores when the variables are not read explicitly by the program.
--ml-buckets
,-separated sequence of { all | cf | arc | narc | cpp |
unknown_origin }
Specify the memory leak buckets to be checked in C++:
- cpp from C++ code
--unsafe-malloc
Activates: Assume that malloc(3) never returns null. (Conversely: --no-unsafe-malloc)
--annotation-reachability-custom-pairs json
Specify custom sources/sink for the annotation reachability checker
Example format: for custom
annotations
com.my.annotation.{Source1,Source2,Sink1}
{ "sources" : ["Source1",
"Source2"], "sink" : "Sink1" }
--external-java-packages +prefix
Specify a list of Java package prefixes for external Java packages. If set, the analysis will not report non-actionable warnings on those packages.
--java-version int
The version of Java being used. Set it to your Java version if mvn is failing.
--quandary-endpoints json
Specify endpoint classes for Quandary
--quandary-sanitizers json
Specify custom sanitizers for Quandary
--quandary-sinks json
Specify custom sinks for Quandary
--quandary-sources json
Specify custom sources for Quandary
--racerd-guardedby
Activates: Check @GuardedBy annotations with RacerD (Conversely: --no-racerd-guardedby)
--threadsafe-aliases json
Specify custom annotations that should be considered aliases of @ThreadSafe
--siof-check-iostreams
Activates: Do not assume that iostreams (cout, cerr, ...) are always initialized. The default is to assume they are always initialized to avoid false positives. However, if your program compiles against a recent libstdc++ then it is safe to turn this option on. (Conversely: --no-siof-check-iostreams)
--siof-safe-methods +string
Methods that are SIOF-safe; "foo::bar" will match "foo::bar()", "foo<int>::bar()", etc. (can be specified multiple times)
INFER_ARGS, INFERCONFIG, INFER_STRICT_MODE
See the ENVIRONMENT section in the manual of infer(1).
.inferconfig
See the FILES section in the manual of infer(1).
infer-report(1), infer-run(1)