Java: Add test.

java/ql/test/query-tests/RangeAnalysis/A.java

@@ -0,0 +1,154 @@
+public class A {
+  private static final int[] arr1 = new int[] { 1, 2, 3, 4, 5, 6, 7, 8 };
+  private final int[] arr2;
+  private final int[] arr3;
+
+  public A(int[] arr2, int n) {
+    if (arr2.length % 2 != 0)
+      throw new Exception();
+    this.arr2 = arr2;
+    this.arr3 = new int[n << 1];
+  }
+
+  void m1(int[] a) {
+    int sum = 0;
+    for (int i = 0; i <= a.length; i++) {
+      sum += a[i]; // Out of bounds
+    }
+  }
+
+  void m2(int[] a) {
+    int sum = 0;
+    for (int i = 0; i < a.length; i += 2) {
+      sum += a[i] + a[i + 1]; // Out of bounds (unless len%2==0)
+    }
+  }
+
+  void m3(int[] a) {
+    if (a.length % 2 != 0)
+      return;
+    int sum = 0;
+    for (int i = 0; i < a.length; ) {
+      sum += a[i++]; // OK
+      sum += a[i++]; // OK
+    }
+    for (int i = 0; i < arr1.length; ) {
+      sum += arr1[i++]; // OK
+      sum += arr1[i++]; // OK - FP
+      i += 2;
+    }
+    for (int i = 0; i < arr2.length; ) {
+      sum += arr2[i++]; // OK
+      sum += arr2[i++]; // OK - FP
+    }
+    for (int i = 0; i < arr3.length; ) {
+      sum += arr3[i++]; // OK
+      sum += arr3[i++]; // OK - FP
+    }
+    int[] b;
+    if (sum > 3)
+      b = a;
+    else
+      b = arr1;
+    for (int i = 0; i < b.length; i++) {
+      sum += b[i]; // OK
+      sum += b[++i]; // OK - FP
+    }
+  }
+
+  void m4(int[] a, int[] b) {
+    assert a.length % 2 == 0;
+    int sum = 0;
+    for (int i = 0; i < a.length; ) {
+      sum += a[i++]; // OK
+      sum += a[i++]; // OK - FP
+    }
+    int len = b.length;
+    if ((len & 1) != 0)
+      return;
+    for (int i = 0; i < len; ) {
+      sum += b[i++]; // OK
+      sum += b[i++]; // OK
+    }
+  }
+
+  void m5(int n) {
+    int[] a = new int[3 * n];
+    int sum = 0;
+    for (int i = 0; i < a.length; i += 3) {
+      sum += a[i] + a[i + 1] + a[i + 2]; // OK - FP
+    }
+  }
+
+  int m6(int[] a, int ix) {
+    if (ix < 0 || ix > a.length)
+      return 0;
+    return a[ix]; // Out of bounds
+  }
+
+  void m7() {
+    int[] xs = new int[11];
+    int sum = 0;
+    for (int i = 0; i < 11; i++) {
+      for (int j = 0; j < 11; j++) {
+        sum += xs[i]; // OK
+        sum += xs[j]; // OK
+        if (i < j)
+          sum += xs[i + 11 - j]; // OK - FP
+        else
+          sum += xs[i - j]; // OK
+      }
+    }
+  }
+
+  void m8(int[] a) {
+    if ((a.length - 4) % 3 != 0)
+      return;
+    int sum = 0;
+    for (int i = 4; i < a.length; i += 3) {
+      sum += a[i]; // OK
+      sum += a[i + 1]; // OK - FP
+      sum += a[i + 2]; // OK - FP
+    }
+  }
+
+  void m9() {
+    int[] a = new int[] { 1, 2, 3, 4, 5 };
+    int sum = 0;
+    for (int i = 0; i < 10; i++) {
+      if (i < 5)
+        sum += a[i]; // OK
+      else
+        sum += a[9 - i]; // OK - FP
+    }
+  }
+
+  void m10(int n, int m) {
+    int len = Math.min(n, m);
+    int[] a = new int[n];
+    int sum = 0;
+    for (int i = n - 1; i >= 0; i--) {
+      sum += a[i]; // OK
+      for (int j = i + 1; j < len; j++) {
+        sum += a[j]; // OK
+        sum += a[i + 1]; // OK - FP
+      }
+    }
+  }
+
+  void m11(int n) {
+    int len = n*2;
+    int[] a = new int[len];
+    int sum = 0;
+    for (int i = 0; i < len; i = i + 2) {
+      sum += a[i+1]; // OK
+      for (int j = i; j < len - 2; j = j + 2) {
+        sum += a[j]; // OK
+        sum += a[j+1]; // OK
+        sum += a[j+2]; // OK
+        sum += a[j+3]; // OK
+      }
+    }
+  }
+
+}

java/ql/test/query-tests/RangeAnalysis/ArrayIndexOutOfBounds.expected

@@ -0,0 +1,15 @@
+| A.java:16:14:16:17 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length. |
+| A.java:23:21:23:28 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length. |
+| A.java:37:14:37:22 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length. |
+| A.java:42:14:42:22 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length. |
+| A.java:46:14:46:22 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length. |
+| A.java:55:14:55:19 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length. |
+| A.java:64:14:64:19 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length. |
+| A.java:79:21:79:28 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length. |
+| A.java:79:32:79:39 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length + 1. |
+| A.java:86:12:86:16 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length. |
+| A.java:97:18:97:31 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length + 8. |
+| A.java:110:14:110:21 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length. |
+| A.java:111:14:111:21 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length + 1. |
+| A.java:122:16:122:23 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length + 3. |
+| A.java:134:16:134:23 | ...[...] | This array access might be out of bounds, as the index might be equal to the array length. |

java/ql/test/query-tests/RangeAnalysis/ArrayIndexOutOfBounds.qlref

@@ -0,0 +1 @@
+Likely Bugs/Collections/ArrayIndexOutOfBounds.ql