infer-analyze - analyze the files captured by infer
infer
analyze [options]
infer [options]
Analyze the files captured in the project results directory and report.
--analyzer,-a
{ checkers | infer | capture | compile | crashcontext |
linters }
Specify which analyzer to run (only one at a time is supported):
- biabduction: run the
bi-abduction based checker only, in
particular to check for memory errors
- checkers: run the default checkers, including the
bi-abduction
based checker for memory errors (default)
- infer: alias for biabduction
- linters: run linters based on the ast only (clang
only,
activated by default)
- capture: similar to specifying the capture
subcommand
(DEPRECATED)
- compile: similar to specifying the compile
subcommand
(DEPRECATED)
- crashcontext: experimental (see
--crashcontext)
--no-annotation-reachability
Deactivates: the annotation reachability checker. Given a pair of source and sink annotation, e.g. @PerformanceCritical and @Expensive, this checker will warn whenever some method annotated with @PerformanceCritical calls, directly or indirectly, another method annotated with @Expensive (Conversely: --annotation-reachability)
--annotation-reachability-only
Activates: Enable --annotation-reachability and disable all other checkers (Conversely: --no-annotation-reachability-only)
--no-biabduction
Deactivates: the separation logic based bi-abduction analysis using the checkers framework (Conversely: --biabduction)
--biabduction-only
Activates: Enable --biabduction and disable all other checkers (Conversely: --no-biabduction-only)
--bufferoverrun
Activates: the buffer overrun analysis (Conversely: --no-bufferoverrun)
--bufferoverrun-only
Activates: Enable --bufferoverrun and disable all other checkers (Conversely: --no-bufferoverrun-only)
--changed-files-index file
Specify the file containing the list of source files from which reactive analysis should start. Source files should be specified relative to project root or be absolute
--check-nullable
Activates: checks that values annotated with nullable are always checked for null before dereference (Conversely: --no-check-nullable)
--check-nullable-only
Activates: Enable --check-nullable and disable all other checkers (Conversely: --no-check-nullable-only)
--continue
Activates: Continue the capture for the reactive analysis, increasing the changed files/procedures. (If a procedure was changed beforehand, keep the changed marking.) (Conversely: --no-continue)
--cost
Activates: checker for performance cost analysis (Conversely: --no-cost)
--cost-only
Activates: Enable --cost and disable all other checkers (Conversely: --no-cost-only)
--crashcontext
Activates: the crashcontext checker for Java stack trace context reconstruction (Conversely: --no-crashcontext)
--crashcontext-only
Activates: Enable --crashcontext and disable all other checkers (Conversely: --no-crashcontext-only)
--debug,-g
Activates: Debug mode (also sets --debug-level 2, --developer-mode, --no-filtering, --print-buckets, --print-types, --reports-include-ml-loc, --no-only-cheap-debug, --trace-error, --write-dotty, --write-html) (Conversely: --no-debug | -G)
--debug-level level
Debug level (sets --bo-debug level, --debug-level-analysis level, --debug-level-capture level, --debug-level-linters level):
- 0: only basic debugging
enabled
- 1: verbose debugging enabled
- 2: very verbose debugging enabled
--debug-level-analysis int
Debug level for the analysis. See --debug-level for accepted values. (default: 0)
--debug-level-capture int
Debug level for the capture. See --debug-level for accepted values. (default: 0)
--debug-level-linters int
Debug level for the linters. See --debug-level for accepted values. (default: 0)
--no-default-checkers
Deactivates: Default checkers: --annotation-reachability, --biabduction, --fragment-retains-view, --immutable-cast, --linters, --liveness, --ownership, --printf-args, --racerd, --siof, --uninit (Conversely: --default-checkers)
--eradicate
Activates: the eradicate @Nullable checker for Java annotations (Conversely: --no-eradicate)
--eradicate-only
Activates: Enable --eradicate and disable all other checkers (Conversely: --no-eradicate-only)
--no-fragment-retains-view
Deactivates: detects when Android fragments are not explicitly nullified before becoming unreabable (Conversely: --fragment-retains-view)
--fragment-retains-view-only
Activates: Enable --fragment-retains-view and disable all other checkers (Conversely: --no-fragment-retains-view-only)
--help
Show this manual
--help-format { auto | groff | pager | plain }
Show this help in the specified format. auto sets the format to plain if the environment variable TERM is "dumb" or undefined, and to pager otherwise. (default: auto)
--help-full
Show this manual with all internal options in the INTERNAL OPTIONS section
--no-immutable-cast
Deactivates: the detection of object cast from immutable type to mutable type. For instance, it will detect cast from ImmutableList to List, ImmutableMap to Map, and ImmutableSet to Set. (Conversely: --immutable-cast)
--immutable-cast-only
Activates: Enable --immutable-cast and disable all other checkers (Conversely: --no-immutable-cast-only)
--jobs,-j int
Run the specified number of analysis jobs simultaneously (default: 4)
--keep-going
Activates: Keep going when the analysis encounters a failure (Conversely: --no-keep-going)
--no-linters
Deactivates: syntactic linters (Conversely: --linters)
--linters-only
Activates: Enable --linters and disable all other checkers (Conversely: --no-linters-only)
--litho
Activates: Experimental checkers supporting the Litho framework (Conversely: --no-litho)
--litho-only
Activates: Enable --litho and disable all other checkers (Conversely: --no-litho-only)
--no-liveness
Deactivates: the detection of dead stores and unused variables (Conversely: --liveness)
--liveness-only
Activates: Enable --liveness and disable all other checkers (Conversely: --no-liveness-only)
--no-ownership
Deactivates: the detection of C++ lifetime bugs (Conversely: --ownership)
--ownership-only
Activates: Enable --ownership and disable all other checkers (Conversely: --no-ownership-only)
--print-active-checkers
Activates: Print the active checkers before starting the analysis (Conversely: --no-print-active-checkers)
--print-logs
Activates: Also log messages to stdout and stderr (Conversely: --no-print-logs)
--no-printf-args
Deactivates: the detection of mismatch between the Java printf format strings and the argument types For, example, this checker will warn about the type error in ’printf("Hello %d", "world")’ (Conversely: --printf-args)
--printf-args-only
Activates: Enable --printf-args and disable all other checkers (Conversely: --no-printf-args-only)
--project-root,-C dir
Specify the root directory of the project (default: /home/jul/infer.fb)
--quandary
Activates: the quandary taint analysis (Conversely: --no-quandary)
--quandary-only
Activates: Enable --quandary and disable all other checkers (Conversely: --no-quandary-only)
--quiet,-q
Activates: Do not print specs on standard output (default: only print for the report command) (Conversely: --no-quiet | -Q)
--no-racerd
Deactivates: the RacerD thread safety analysis (Conversely: --racerd)
--racerd-only
Activates: Enable --racerd and disable all other checkers (Conversely: --no-racerd-only)
--reactive,-r
Activates: Reactive mode: the analysis starts from the files captured since the infer command started (Conversely: --no-reactive | -R)
--no-report
Deactivates: Run the reporting phase once the analysis has completed (Conversely: --report)
--report-hook script
Specify a script to be executed after the analysis results are written. This script will be passed, --issues-json, --issues-txt, --issues-xml, --project-root, and --results-dir. (default: /home/jul/infer.fb/infer/bin/../lib/python/report.py)
--results-dir,-o dir
Write results and internal files in the specified directory (default: /home/jul/infer.fb/infer-out)
--no-siof
Deactivates: the Static Initialization Order Fiasco analysis (C++ only) (Conversely: --siof)
--siof-only
Activates: Enable --siof and disable all other checkers (Conversely: --no-siof-only)
--starvation
Activates: starvation analysis (Conversely: --no-starvation)
--starvation-only
Activates: Enable --starvation and disable all other checkers (Conversely: --no-starvation-only)
--suggest-nullable
Activates: Nullable annotation sugesstions analysis (Conversely: --no-suggest-nullable)
--suggest-nullable-only
Activates: Enable --suggest-nullable and disable all other checkers (Conversely: --no-suggest-nullable-only)
--no-uninit
Deactivates: checker for use of uninitialized values (Conversely: --uninit)
--uninit-only
Activates: Enable --uninit and disable all other checkers (Conversely: --no-uninit-only)
--merge
Activates: Merge the captured results directories specified in the dependency file (Conversely: --no-merge)
--bo-debug int
Debug level for buffer-overrun checker (0-4) (default: 0)
--cxx-scope-guards json
Specify scope guard classes that can be read only by destructors without being reported as dead stores. (default: [])
--ml-buckets
,-separated sequence of { all | cf | arc | narc | cpp |
unknown_origin }
Specify the memory leak buckets to be checked in C++:
- cpp from C++ code
(default: cf)
--unsafe-malloc
Activates: Assume that malloc(3) never returns null. (Conversely: --no-unsafe-malloc)
--stacktrace file
File path containing a json-encoded Java crash stacktrace. Used to guide the analysis (only with '-a crashcontext'). See tests/codetoanalyze/java/crashcontext/*.json for examples of the expected format.
--stacktraces-dir dir
Directory path containing multiple json-encoded Java crash stacktraces. Used to guide the analysis (only with '-a crashcontext'). See tests/codetoanalyze/java/crashcontext/*.json for examples of the expected format.
--annotation-reachability-custom-pairs json
Specify custom sources/sink for the annotation reachability checker
Example format: for custom
annotations
com.my.annotation.{Source1,Source2,Sink1}
{ "sources" : ["Source1",
"Source2"], "sink" : "Sink1" }
(default: [])
--external-java-packages +prefix
Specify a list of Java package prefixes for external Java packages. If set, the analysis will not report non-actionable warnings on those packages.
--quandary-endpoints json
Specify endpoint classes for Quandary (default: [])
--quandary-sanitizers json
Specify custom sanitizers for Quandary (default: [])
--quandary-sinks json
Specify custom sinks for Quandary (default: [])
--quandary-sources json
Specify custom sources for Quandary (default: [])
--threadsafe-aliases json
Specify custom annotations that should be considered aliases of @ThreadSafe (default: [])
--siof-check-iostreams
Activates: Do not assume that iostreams (cout, cerr, ...) are always initialized. The default is to assume they are always initialized when --cxx-infer-headers is false to avoid false positives due to lack of models of the proper initialization of io streams. However, if your program compiles against a recent libstdc++ then the infer models are not needed for precision and it is safe to turn this option on. (Conversely: --no-siof-check-iostreams)
--siof-safe-methods +string
Methods that are SIOF-safe; "foo::bar" will match "foo::bar()", "foo<int>::bar()", etc. (can be specified multiple times)
INFER_ARGS, INFERCONFIG, INFER_STRICT_MODE
See the ENVIRONMENT section in the manual of infer(1).
.inferconfig
See the FILES section in the manual of infer(1).
infer-report(1), infer-run(1)