NAME infer-analyze - analyze the files captured by infer SYNOPSIS infer analyze [options] infer [options] DESCRIPTION Analyze the files captured in the project results directory and report. OPTIONS --annotation-reachability Activates: the annotation reachability checker. Given a pair of source and sink annotation, e.g. @PerformanceCritical and @Expensive, this checker will warn whenever some method annotated with @PerformanceCritical calls, directly or indirectly, another method annotated with @Expensive (Conversely: --no-annotation-reachability) --annotation-reachability-only Activates: Enable --annotation-reachability and disable all other checkers (Conversely: --no-annotation-reachability-only) --no-biabduction Deactivates: the separation logic based bi-abduction analysis using the checkers framework (Conversely: --biabduction) --biabduction-only Activates: Enable --biabduction and disable all other checkers (Conversely: --no-biabduction-only) --bufferoverrun Activates: the buffer overrun analysis (Conversely: --no-bufferoverrun) --bufferoverrun-only Activates: Enable --bufferoverrun and disable all other checkers (Conversely: --no-bufferoverrun-only) --changed-files-index file Specify the file containing the list of source files from which reactive analysis should start. Source files should be specified relative to project root or be absolute --class-loads Activates: Java class loading analysis (Conversely: --no-class-loads) --class-loads-only Activates: Enable --class-loads and disable all other checkers (Conversely: --no-class-loads-only) --continue-analysis Activates: Continue the analysis after more targets are captured by --continue. The other analysis options should be given the same before. Not compatible with --reanalyze and --incremental-analysis. (Conversely: --no-continue-analysis) --cost Activates: checker for performance cost analysis (Conversely: --no-cost) --cost-only Activates: Enable --cost and disable all other checkers (Conversely: --no-cost-only) --custom-symbols json Specify named lists of symbols available to rules --debug,-g Activates: Debug mode (also sets --debug-level 2, --developer-mode, --print-buckets, --print-types, --reports-include-ml-loc, --no-only-cheap-debug, --trace-error, --write-dotty, --write-html) (Conversely: --no-debug | -G) --debug-level level Debug level (sets --bo-debug level, --debug-level-analysis level, --debug-level-capture level, --debug-level-linters level): - 0: only basic debugging enabled - 1: verbose debugging enabled - 2: very verbose debugging enabled --debug-level-analysis int Debug level for the analysis. See --debug-level for accepted values. --debug-level-capture int Debug level for the capture. See --debug-level for accepted values. --debug-level-linters int Debug level for the linters. See --debug-level for accepted values. --no-deduplicate Deactivates: Apply issue-specific deduplication during analysis and/or reporting. (Conversely: --deduplicate) --no-default-checkers Deactivates: Default checkers: --biabduction, --fragment-retains-view, --inefficient-keyset-iterator, --linters, --liveness, --racerd, --siof, --self_in_block, --starvation, --uninit (Conversely: --default-checkers) --eradicate Activates: the eradicate @Nullable checker for Java annotations (Conversely: --no-eradicate) --eradicate-only Activates: Enable --eradicate and disable all other checkers (Conversely: --no-eradicate-only) --no-fragment-retains-view Deactivates: detects when Android fragments are not explicitly nullified before becoming unreabable (Conversely: --fragment-retains-view) --fragment-retains-view-only Activates: Enable --fragment-retains-view and disable all other checkers (Conversely: --no-fragment-retains-view-only) --help Show this manual --help-format { auto | groff | pager | plain } Show this help in the specified format. auto sets the format to plain if the environment variable TERM is "dumb" or undefined, and to pager otherwise. --help-full Show this manual with all internal options in the INTERNAL OPTIONS section --immutable-cast Activates: the detection of object cast from immutable type to mutable type. For instance, it will detect cast from ImmutableList to List, ImmutableMap to Map, and ImmutableSet to Set. (Conversely: --no-immutable-cast) --immutable-cast-only Activates: Enable --immutable-cast and disable all other checkers (Conversely: --no-immutable-cast-only) --impurity Activates: [EXPERIMENTAL] Impurity analysis (Conversely: --no-impurity) --impurity-only Activates: Enable --impurity and disable all other checkers (Conversely: --no-impurity-only) --no-inefficient-keyset-iterator Deactivates: Check for inefficient uses of keySet iterator that access both the key and the value. (Conversely: --inefficient-keyset-iterator) --inefficient-keyset-iterator-only Activates: Enable --inefficient-keyset-iterator and disable all other checkers (Conversely: --no-inefficient-keyset-iterator-only) --jobs,-j int Run the specified number of analysis jobs simultaneously --keep-going Activates: Keep going when the analysis encounters a failure (Conversely: --no-keep-going) --no-linters Deactivates: syntactic linters (Conversely: --linters) --linters-only Activates: Enable --linters and disable all other checkers (Conversely: --no-linters-only) --litho-required-props Activates: [EXPERIMENTAL] Required Prop check for Litho (Conversely: --no-litho-required-props) --litho-required-props-only Activates: Enable --litho-required-props and disable all other checkers (Conversely: --no-litho-required-props-only) --no-liveness Deactivates: the detection of dead stores and unused variables (Conversely: --liveness) --liveness-only Activates: Enable --liveness and disable all other checkers (Conversely: --no-liveness-only) --loop-hoisting Activates: checker for loop-hoisting (Conversely: --no-loop-hoisting) --loop-hoisting-only Activates: Enable --loop-hoisting and disable all other checkers (Conversely: --no-loop-hoisting-only) --perf-profiler-data-file file Specify the file containing perf profiler data to read --print-active-checkers Activates: Print the active checkers before starting the analysis (Conversely: --no-print-active-checkers) --print-logs Activates: Also log messages to stdout and stderr (Conversely: --no-print-logs) --printf-args Activates: the detection of mismatch between the Java printf format strings and the argument types For, example, this checker will warn about the type error in `printf("Hello %d", "world")` (Conversely: --no-printf-args) --printf-args-only Activates: Enable --printf-args and disable all other checkers (Conversely: --no-printf-args-only) --progress-bar-style { auto | plain | multiline } Style of the progress bar. auto selects multiline if connected to a tty, otherwise plain. --project-root,-C dir Specify the root directory of the project --pulse Activates: [EXPERIMENTAL] C++ lifetime analysis (Conversely: --no-pulse) --pulse-only Activates: Enable --pulse and disable all other checkers (Conversely: --no-pulse-only) --purity Activates: [EXPERIMENTAL] Purity analysis (Conversely: --no-purity) --purity-only Activates: Enable --purity and disable all other checkers (Conversely: --no-purity-only) --quandary Activates: the quandary taint analysis (Conversely: --no-quandary) --quandary-only Activates: Enable --quandary and disable all other checkers (Conversely: --no-quandary-only) --quandaryBO Activates: [EXPERIMENTAL] The quandaryBO tainted buffer access analysis (Conversely: --no-quandaryBO) --quandaryBO-only Activates: Enable --quandaryBO and disable all other checkers (Conversely: --no-quandaryBO-only) --quiet,-q Activates: Do not print specs on standard output (default: only print for the report command) (Conversely: --no-quiet | -Q) --no-racerd Deactivates: the RacerD thread safety analysis (Conversely: --racerd) --racerd-only Activates: Enable --racerd and disable all other checkers (Conversely: --no-racerd-only) --reactive,-r Activates: Reactive mode: the analysis starts from the files captured since the infer command started (Conversely: --no-reactive | -R) --no-report Deactivates: Run the reporting phase once the analysis has completed (Conversely: --report) --report-force-relative-path Activates: Force converting an absolute path to a relative path to the root directory (Conversely: --no-report-force-relative-path) --report-hook script Specify a script to be executed after the analysis results are written. This script will be passed, --issues-json, --issues-txt, --issues-xml, --project-root, and --results-dir. --results-dir,-o dir Write results and internal files in the specified directory --no-self_in_block Deactivates: checker to flag incorrect uses of when Objective-C blocks capture self (Conversely: --self_in_block) --self_in_block-only Activates: Enable --self_in_block and disable all other checkers (Conversely: --no-self_in_block-only) --no-siof Deactivates: the Static Initialization Order Fiasco analysis (C++ only) (Conversely: --siof) --siof-only Activates: Enable --siof and disable all other checkers (Conversely: --no-siof-only) --sqlite-cache-size int SQLite cache size in pages (if positive) or kB (if negative), follows formal of corresponding SQLite PRAGMA. --sqlite-lock-timeout int Timeout for SQLite results database operations, in milliseconds. --sqlite-page-size int SQLite page size in bytes, must be a power of two between 512 and 65536. --no-starvation Deactivates: starvation analysis (Conversely: --starvation) --starvation-only Activates: Enable --starvation and disable all other checkers (Conversely: --no-starvation-only) --no-uninit Deactivates: checker for use of uninitialized values (Conversely: --uninit) --uninit-only Activates: Enable --uninit and disable all other checkers (Conversely: --no-uninit-only) BIABDUCTION CHECKER OPTIONS --biabduction-fallback-model-alloc-pattern string Regex of methods that should be modelled as allocs if definition is missing --biabduction-fallback-model-free-pattern string Regex of methods that should be modelled as free if definition is missing BUCK OPTIONS --merge Activates: Merge the captured results directories specified in the dependency file. (Conversely: --no-merge) BUFFER OVERRUN OPTIONS --bo-debug int Debug level for buffer-overrun checker (0-4) --bo-service-handler-request Activates: [EXPERIMENTAL] Use taint flow of service handler requests in buffer overflow checking. (Conversely: --no-bo-service-handler-request) CLANG OPTIONS --annotation-reachability-cxx json Specify annotation reachability analyses to be performed on C/C++/ObjC code. Each entry is a JSON object whose key is the issue name. "sources" and "sinks" can be specified either by symbol (including regexps) or path prefix. "sinks" optionally can specify "overrides" (by symbol or path prefix) that block the reachability analysis when hit. Example: { "ISOLATED_REACHING_CONNECT": { "doc_url": "http:://", "sources": { "desc": "Code that should not call connect [optional]", "paths": [ "isolated/" ] }, "sinks": { "symbols": [ "connect" ], "overrides": { "symbol_regexps": [ ".*::Trusted::.*" ] } } } } This will cause us to create a new ISOLATED_REACHING_CONNECT issue for every function whose source path starts with "isolated/" that may reach the function named "connect", ignoring paths that go through a symbol matching the OCaml regexp ".*::Trusted::.*". --annotation-reachability-cxx-sources json Override sources in all cxx annotation reachability specs with the given sources spec --cxx-scope-guards json Specify scope guard classes that can be read only by destructors without being reported as dead stores. --liveness-dangerous-classes json Specify classes where the destructor should be ignored when computing liveness. In other words, assignement to variables of these types (or common wrappers around these types such as unique_ptr) will count as dead stores when the variables are not read explicitly by the program. --ml-buckets ,-separated sequence of { all | cf | arc | narc | cpp | unknown_origin } Specify the memory leak buckets to be checked in C++: - cpp from C++ code --unsafe-malloc Activates: Assume that malloc(3) never returns null. (Conversely: --no-unsafe-malloc) JAVA OPTIONS --annotation-reachability-custom-pairs json Specify custom sources/sink for the annotation reachability checker Example format: for custom annotations{Source1,Source2,Sink1} { "sources" : ["Source1", "Source2"], "sink" : "Sink1" } --external-java-packages +prefix Specify a list of Java package prefixes for external Java packages. If set, the analysis will not report non-actionable warnings on those packages. --java-version int The version of Java being used. Set it to your Java version if mvn is failing. QUANDARY CHECKER OPTIONS --quandary-endpoints json Specify endpoint classes for Quandary --quandary-sanitizers json Specify custom sanitizers for Quandary --quandary-sinks json Specify custom sinks for Quandary --quandary-sources json Specify custom sources for Quandary RACERD CHECKER OPTIONS --racerd-guardedby Activates: Check @GuardedBy annotations with RacerD (Conversely: --no-racerd-guardedby) --racerd-unknown-returns-owned Activates: Assume that all methods without a CFG (including abstract methods) return owned objects (Conversely: --no-racerd-unknown-returns-owned) --threadsafe-aliases json Specify custom annotations that should be considered aliases of @ThreadSafe SIOF CHECKER OPTIONS --siof-check-iostreams Activates: Do not assume that iostreams (cout, cerr, ...) are always initialized. The default is to assume they are always initialized to avoid false positives. However, if your program compiles against a recent libstdc++ then it is safe to turn this option on. (Conversely: --no-siof-check-iostreams) --siof-safe-methods +string Methods that are SIOF-safe; "foo::bar" will match "foo::bar()", "foo::bar()", etc. (can be specified multiple times) ENVIRONMENT INFER_ARGS, INFERCONFIG, INFER_STRICT_MODE See the ENVIRONMENT section in the manual of infer(1). FILES .inferconfig See the FILES section in the manual of infer(1). SEE ALSO infer-report(1), infer-run(1)