IntraJ is an application of the language-independent framework IntraCFG for the Java language, built as an extension of the ExtendJ Java Compiler. More details can be found in the following paper:

• A Precise Framework for Source-Level Control-Flow Analysis, Idriss Riouak 🔗, Christoph Reichenbach 🔗, Görel Hedin 🔗 and Niklas Fors 🔗. IEEE-SCAM 2021 🔗.

With IntraJ you can:

• construct intra-procedural Control Flow Graphs,
• (DAA) detect dead assignments in your codebase,
• (IMPDAA) detect implicit dead assignments in your codebase, and
• (NPA) detect occurrences of NullPointerException.

You can run IntraJ on other Java codebases (up to Java 11) in order to construct CFGs and get DAA and NPA analysis results.

We have run IntraJ on the following Java version:

• Java SDK version 11 or later. (See sdkman).

It is possible to generate PDFs that show the CFGs visually. For this you need:

1. Dot (graphviz) - PDF generation
2. Vim - PDF generation
3. Python3.x with the following dependencies:
   • PyPDF2 v1.26.0 - PDF generation
   • numpy v1.20.1 - Evaluation and Plots generation
   • pandas v1.2.4 - Evaluation and Plots generation
   • matplotlib v3.3.4 - Evaluation and Plots generation
   • seaborn v0.11.1 - Evaluation and Plots generation
   • ipython v7.26.0 - Evaluation and Plots generation

The evaluation script uses sdkman. To run the evaluation you need:

• The scripts eval.sh and evaluation/run_eval.sh use sdkman. If you don't have sdkman installed but have Java SDK 11 installed, you can comment all the lines starting with sdk in eval.sh and in evaluation/run_eval.sh. You can install sdkman by running the following commands:

  curl -s "https://get.sdkman.io" | bash
  source "$HOME/.sdkman/bin/sdkman-init.sh"
  sdk install java 11.0.2-zulu
  sdk use java 11.0.2-zulu
  

To install all the necessary Python dependencies, you can run the instruction described in the next section.

To clone the IntraJ code, run, in your working directory:

git clone https://github.com/lu-cs-sde/IntraJ.git

Move to the IntraJ directory:

cd IntraJ

To generate all the JARs necessary for the evaluation, execute

./gradlew build

To run all the tests, execute:

./gradlew test

To install Python dependencies, you can execute the following instruction:

cd resources
pip3 install -r requirements.txt

The top-level structure of the repository:

.
├── build                                # Compiled files
├── extendj                              # ExtendJ source code (submodule)
├── resources                            # Scripts and logo
├── src                                  # IntraJ source code
|    ├── jastadd
|    |     ├── CFG                       # CFG spec in JastAdd
|    |     ├── DataFlow                  # Data flow analyses spec
|    |     └── grammar                   # Local grammar overrides
|    └── java
|          ├── analysis                  # Analysis entry points
|          ├── flow                      # Flow utilities
|          ├── test                      # JUnit test spec
|          └── utils                     # General helpers for visualisation
├── tools                                # JastAdd and MagpieBridge JARs
├── testfiles                            # Automated test files
|    ├── DataFlow
|    └── CFG
├── LICENSE
└── README.md

The entry point of IntraJ (main) is defined in: extendj/src/frontend-main/org/extendj/IntraJ.java.

.
└── jastadd
     ├── CFG
     |    ├── IntraCFG
     |    |    ├── CFG.ast                # Lang-independent nodes
     |    |    └── IntraCFG.jrag          # IntraCFG spec in JastAdd        (Paper §2.b)
     |    ├── java4                       #                                 (Paper §3)
     |    |    ├── Cache.jrag             # Cache settings
     |    |    ├── Exception.jrag         # Exception spec                  (Paper §3.c)
     |    |    ├── Intializer.jrag        # Initializers spec               (Paper §3.b)
     |    |    ├── Java4.jrag             # Java4 spec
     |    |    ├── NTAFinallyCompat.jrag  # NTAFinally compat for ExtendJ 11
     |    |    └── ImplicitNodes.ast      # Reified nodes
     |    ├── java5                       #                                 (Paper §3)
     |    |     └── Java5.jrag            # Java5 spec
     |    └── java7                       #                                 (Paper §3)
     |          └── Java7.jrag            # Java7 spec
     ├── grammar
     |    └── Java4.ast                   # Patched Java4 grammar with NTA children
     └── DataFlow                         # Data flow analyses spec         (Paper §4)
           ├── Analysis.jrag              # Collection attributes
           ├── DeadAssignment.jrag        # DAA spec                        (Paper §4.c)
           ├── LiveVariableAnalysis.jrag  # LVA spec                        (Paper §4.b)
           └── NullAnalysis.jrag          # NPE spec                        (Paper §4.a)

• -help: prints all the available options.
• -genpdf: generates a pdf with AST structure of all the methods in the analysed files. It can be used combined with -succ,-pred.
• -succ: generates a pdf with the successor relation for all the methods in the analysed files. It can be used combined with -pred.
• -pred: generates a pdf with the predecessor relation for all the methods in the analysed files. It can be used combined with -succ.
• -statistics: prints the number of CFGRoots, CFGNodes and CFGEdges in the analysed files.
• -nowarn: the warning messages are not printed.

-------------- ANALYSIS OPTIONS --------------------

Available analyses:

• DAA: Detects unused dead assignments
• NPA: Detects occurrences of null pointer dereferences

Options (where id corresponds to one of the analyses above):

• -Wid: enable a given analysis, e.g., -WDAA
• -Wall: enables all the available analyses
• -Wexcept=id: enable all the available analyses except id, e.g., -Wexcept=DAA

Suppose you would like to analyze a file Example.java located in your workspace:

public class Example {
  int example() {
    Integer m = null;
    m.toString();
    int x = 0;
    x = 1;
    return x;
  }
}

By running the following command:

    java -jar intraj.jar PATH/TO/Example.java -Wall -succ -statistics

IntraJ will print the following information

[NPA - PATH/TO/Example.java:4,4] The object 'm' may be null at this point.
[DAA - PATH/TO/Example.java:5,9] The value stored in 'x' is never read.
[INFO]: CFG rendering
[INFO]: DOT to PDF
[INFO]: PDF file generated correctly
[STATISTIC]: Elapsed time (CFG + Dataflow): 0.11s
[STATISTIC]: Total number
[STATISTIC]: Number roots:3
[STATISTIC]: Number CFGNodes:16
[STATISTIC]: Number Edges:13
[STATISTIC]: Largest CFG in terms of nodes:12
[STATISTIC]: Largest CFG in terms of edges:11

And the following PDF is generated:

• 🗄 IntraJ-LSP: repository for the Language Server Protocol (LSP) implementation of IntraJ.
• 🗄 CodeProber: live inspection of IntraJ's attributes in CodeProber.
• 🗄 IntraJSCAM2021: repository submitted for Artifact Evaluation (SCAM2021) (control-flow analysis for Java)
• 🗄 IntraCFG: main repository for IntraCFG (language-independent framework for control-flow analysis)
• 🔗 JastAdd: meta-compilation system that supports Reference Attribute Grammars. We used a custom JastAdd version which better supports interfaces.
• 🔗 ExtendJ: extensible Java compiler built using JastAdd. We built IntraJ as a static analysis extension of ExtendJ. More can be found here.
• 🔗 SonarQube: platform developed by SonarSource for continuous inspection of code quality
• 🗄 JastAddJ-Intraflow: An earlier approach to implementing intra-procedural control flow, dataflow, and dead assignment analysis for Java, also using JastAdd.