infer-analyze - analyze the files captured by infer
infer
analyze [options]
infer [options]
Analyze the files captured in the project results directory and report.
--annotation-reachability
Activates: the annotation reachability checker. Given a pair of source and sink annotation, e.g. @PerformanceCritical and @Expensive, this checker will warn whenever some method annotated with @PerformanceCritical calls, directly or indirectly, another method annotated with @Expensive (Conversely: --no-annotation-reachability)
--annotation-reachability-only
Activates: Enable --annotation-reachability and disable all other checkers (Conversely: --no-annotation-reachability-only)
--no-biabduction
Deactivates: the separation logic based bi-abduction analysis using the checkers framework (Conversely: --biabduction)
--biabduction-only
Activates: Enable --biabduction and disable all other checkers (Conversely: --no-biabduction-only)
--bufferoverrun
Activates: the buffer overrun analysis (Conversely: --no-bufferoverrun)
--bufferoverrun-only
Activates: Enable --bufferoverrun and disable all other checkers (Conversely: --no-bufferoverrun-only)
--changed-files-index file
Specify the file containing the list of source files from which reactive analysis should start. Source files should be specified relative to project root or be absolute
--class-loads
Activates: Java class loading analysis (Conversely: --no-class-loads)
--class-loads-only
Activates: Enable --class-loads and disable all other checkers (Conversely: --no-class-loads-only)
--continue-analysis
Activates: Continue the analysis after more targets are captured by --continue. The other analysis options should be given the same before. Not compatible with --reanalyze and --incremental-analysis. (Conversely: --no-continue-analysis)
--cost
Activates: checker for performance cost analysis (Conversely: --no-cost)
--cost-only
Activates: Enable --cost and disable all other checkers (Conversely: --no-cost-only)
--custom-symbols json
Specify named lists of symbols available to rules
--debug,-g
Activates: Debug mode (also sets --debug-level 2, --developer-mode, --print-buckets, --print-types, --reports-include-ml-loc, --no-only-cheap-debug, --trace-error, --write-dotty, --write-html) (Conversely: --no-debug | -G)
--debug-level level
Debug level (sets --bo-debug level, --debug-level-analysis level, --debug-level-capture level, --debug-level-linters level):
- 0: only basic debugging
enabled
- 1: verbose debugging enabled
- 2: very verbose debugging enabled
--debug-level-analysis int
Debug level for the analysis. See --debug-level for accepted values.
--debug-level-capture int
Debug level for the capture. See --debug-level for accepted values.
--debug-level-linters int
Debug level for the linters. See --debug-level for accepted values.
--no-deduplicate
Deactivates: Apply issue-specific deduplication during analysis and/or reporting. (Conversely: --deduplicate)
--no-default-checkers
Deactivates: Default checkers: --biabduction, --fragment-retains-view, --inefficient-keyset-iterator, --linters, --liveness, --racerd, --siof, --self_in_block, --starvation, --uninit (Conversely: --default-checkers)
--eradicate
Activates: the eradicate @Nullable checker for Java annotations (Conversely: --no-eradicate)
--eradicate-only
Activates: Enable --eradicate and disable all other checkers (Conversely: --no-eradicate-only)
--no-fragment-retains-view
Deactivates: detects when Android fragments are not explicitly nullified before becoming unreabable (Conversely: --fragment-retains-view)
--fragment-retains-view-only
Activates: Enable --fragment-retains-view and disable all other checkers (Conversely: --no-fragment-retains-view-only)
--help
Show this manual
--help-format { auto | groff | pager | plain }
Show this help in the specified format. auto sets the format to plain if the environment variable TERM is "dumb" or undefined, and to pager otherwise.
--help-full
Show this manual with all internal options in the INTERNAL OPTIONS section
--immutable-cast
Activates: the detection of object cast from immutable type to mutable type. For instance, it will detect cast from ImmutableList to List, ImmutableMap to Map, and ImmutableSet to Set. (Conversely: --no-immutable-cast)
--immutable-cast-only
Activates: Enable --immutable-cast and disable all other checkers (Conversely: --no-immutable-cast-only)
--impurity
Activates: [EXPERIMENTAL] Impurity analysis (Conversely: --no-impurity)
--impurity-only
Activates: Enable --impurity and disable all other checkers (Conversely: --no-impurity-only)
--no-inefficient-keyset-iterator
Deactivates: Check for inefficient uses of keySet iterator that access both the key and the value. (Conversely: --inefficient-keyset-iterator)
--inefficient-keyset-iterator-only
Activates: Enable --inefficient-keyset-iterator and disable all other checkers (Conversely: --no-inefficient-keyset-iterator-only)
--jobs,-j int
Run the specified number of analysis jobs simultaneously
--keep-going
Activates: Keep going when the analysis encounters a failure (Conversely: --no-keep-going)
--no-linters
Deactivates: syntactic linters (Conversely: --linters)
--linters-only
Activates: Enable --linters and disable all other checkers (Conversely: --no-linters-only)
--litho-required-props
Activates: [EXPERIMENTAL] Required Prop check for Litho (Conversely: --no-litho-required-props)
--litho-required-props-only
Activates: Enable --litho-required-props and disable all other checkers (Conversely: --no-litho-required-props-only)
--no-liveness
Deactivates: the detection of dead stores and unused variables (Conversely: --liveness)
--liveness-only
Activates: Enable --liveness and disable all other checkers (Conversely: --no-liveness-only)
--loop-hoisting
Activates: checker for loop-hoisting (Conversely: --no-loop-hoisting)
--loop-hoisting-only
Activates: Enable --loop-hoisting and disable all other checkers (Conversely: --no-loop-hoisting-only)
--perf-profiler-data-file file
Specify the file containing perf profiler data to read
--print-active-checkers
Activates: Print the active checkers before starting the analysis (Conversely: --no-print-active-checkers)
--print-logs
Activates: Also log messages to stdout and stderr (Conversely: --no-print-logs)
--printf-args
Activates: the detection of mismatch between the Java printf format strings and the argument types For, example, this checker will warn about the type error in ’printf("Hello %d", "world")’ (Conversely: --no-printf-args)
--printf-args-only
Activates: Enable --printf-args and disable all other checkers (Conversely: --no-printf-args-only)
--progress-bar-style { auto | plain | multiline }
Style of the progress bar. auto selects multiline if connected to a tty, otherwise plain.
--project-root,-C dir
Specify the root directory of the project
--pulse
Activates: [EXPERIMENTAL] C++ lifetime analysis (Conversely: --no-pulse)
--pulse-cut-to-one-path-procedures-pattern string
Regex of methods for which pulse will only explore one path. Can be used on pathologically large procedures to prevent too-big states from being produced.
--pulse-model-alloc-pattern string
Regex of methods that should be modelled as allocs in Pulse
--pulse-model-release-pattern string
Regex of methods that should be modelled as release in Pulse
--pulse-model-transfer-ownership +string
Methods that should be modelled as transfering memory ownership in Pulse. Accepted formats are method or namespace::method
--pulse-only
Activates: Enable --pulse and disable all other checkers (Conversely: --no-pulse-only)
--purity
Activates: [EXPERIMENTAL] Purity analysis (Conversely: --no-purity)
--purity-only
Activates: Enable --purity and disable all other checkers (Conversely: --no-purity-only)
--quandary
Activates: the quandary taint analysis (Conversely: --no-quandary)
--quandary-only
Activates: Enable --quandary and disable all other checkers (Conversely: --no-quandary-only)
--quiet,-q
Activates: Do not print anything on standard output. (Conversely: --no-quiet | -Q)
--no-racerd
Deactivates: the RacerD thread safety analysis (Conversely: --racerd)
--racerd-only
Activates: Enable --racerd and disable all other checkers (Conversely: --no-racerd-only)
--reactive,-r
Activates: Reactive mode: the analysis starts from the files captured since the infer command started (Conversely: --no-reactive | -R)
--no-report
Deactivates: Run the reporting phase once the analysis has completed (Conversely: --report)
--report-force-relative-path
Activates: Force converting an absolute path to a relative path to the root directory (Conversely: --no-report-force-relative-path)
--results-dir,-o dir
Write results and internal files in the specified directory
--no-self_in_block
Deactivates: checker to flag incorrect uses of when Objective-C blocks capture self (Conversely: --self_in_block)
--self_in_block-only
Activates: Enable --self_in_block and disable all other checkers (Conversely: --no-self_in_block-only)
--no-siof
Deactivates: the Static Initialization Order Fiasco analysis (C++ only) (Conversely: --siof)
--siof-only
Activates: Enable --siof and disable all other checkers (Conversely: --no-siof-only)
--sqlite-cache-size int
SQLite cache size in pages (if positive) or kB (if negative), follows formal of corresponding SQLite PRAGMA.
--sqlite-lock-timeout int
Timeout for SQLite results database operations, in milliseconds.
--sqlite-page-size int
SQLite page size in bytes, must be a power of two between 512 and 65536.
--no-starvation
Deactivates: starvation analysis (Conversely: --starvation)
--starvation-only
Activates: Enable --starvation and disable all other checkers (Conversely: --no-starvation-only)
--no-uninit
Deactivates: checker for use of uninitialized values (Conversely: --uninit)
--uninit-only
Activates: Enable --uninit and disable all other checkers (Conversely: --no-uninit-only)
--merge
Activates: Merge the captured results directories specified in the dependency file. (Conversely: --no-merge)
--bo-debug int
Debug level for buffer-overrun checker (0-4)
--bo-field-depth-limit int
Limit of field depth of abstract location in buffer-overrun checker
--bo-service-handler-request
Activates: [EXPERIMENTAL] Use taint flow of service handler requests in buffer overflow checking. (Conversely: --no-bo-service-handler-request)
--annotation-reachability-cxx json
Specify annotation reachability analyses to be performed on C/C++/ObjC code. Each entry is a JSON object whose key is the issue name. "sources" and "sinks" can be specified either by symbol (including regexps) or path prefix. "sinks" optionally can specify "overrides" (by symbol or path prefix) that block the reachability analysis when hit. Example:
{
"ISOLATED_REACHING_CONNECT": {
"doc_url":
"http:://example.com/issue/doc/optional_link.html",
"sources": {
"desc": "Code that should not call connect
[optional]",
"paths": [ "isolated/" ]
},
"sinks": {
"symbols": [ "connect" ],
"overrides": { "symbol_regexps": [
".*::Trusted::.*" ] }
}
}
}
This will cause us to create a new ISOLATED_REACHING_CONNECT
issue for every function whose source path starts with
"isolated/"
that may reach the function named "connect",
ignoring paths that
go through a symbol matching the OCaml regexp
".*::Trusted::.*".
--annotation-reachability-cxx-sources json
Override sources in all cxx annotation reachability specs with the given sources spec
--clang-compound-literal-init-limit int
Limit after which initialization of compound types (structs and arrays) is not done element by element but using a builtin function that each analysis has to model.
--cxx-scope-guards json
Specify scope guard classes that can be read only by destructors without being reported as dead stores.
--liveness-dangerous-classes json
Specify classes where the destructor should be ignored when computing liveness. In other words, assignement to variables of these types (or common wrappers around these types such as unique_ptr<type>) will count as dead stores when the variables are not read explicitly by the program.
--ml-buckets
,-separated sequence of { all | cf | arc | narc | cpp |
unknown_origin }
Specify the memory leak buckets to be checked in C++:
- cpp from C++ code
--unsafe-malloc
Activates: Assume that malloc(3) never returns null. (Conversely: --no-unsafe-malloc)
--annotation-reachability-custom-pairs json
Specify custom sources/sink for the annotation reachability checker
Example format: for custom
annotations
com.my.annotation.{Source1,Source2,Sink1}
{ "sources" : ["Source1",
"Source2"], "sink" : "Sink1" }
--external-java-packages +prefix
Specify a list of Java package prefixes for external Java packages. If set, the analysis will not report non-actionable warnings on those packages.
--java-version int
The version of Java being used. Set it to your Java version if mvn is failing.
--quandary-endpoints json
Specify endpoint classes for Quandary
--quandary-sanitizers json
Specify custom sanitizers for Quandary
--quandary-sinks json
Specify custom sinks for Quandary
--quandary-sources json
Specify custom sources for Quandary
--racerd-guardedby
Activates: Check @GuardedBy annotations with RacerD (Conversely: --no-racerd-guardedby)
--no-racerd-unknown-returns-owned
Deactivates: DEPRECATED, does nothing. (Conversely: --racerd-unknown-returns-owned)
--threadsafe-aliases json
Specify custom annotations that should be considered aliases of @ThreadSafe
--siof-check-iostreams
Activates: Do not assume that iostreams (cout, cerr, ...) are always initialized. The default is to assume they are always initialized to avoid false positives. However, if your program compiles against a recent libstdc++ then it is safe to turn this option on. (Conversely: --no-siof-check-iostreams)
--siof-safe-methods +string
Methods that are SIOF-safe; "foo::bar" will match "foo::bar()", "foo<int>::bar()", etc. (can be specified multiple times)
INFER_ARGS, INFERCONFIG, INFER_STRICT_MODE
See the ENVIRONMENT section in the manual of infer(1).
.inferconfig
See the FILES section in the manual of infer(1).
infer-report(1), infer-run(1)