Skip to content

Mbaluda perf#1153

Draft
mbaluda wants to merge 157 commits into
mainfrom
mbaluda-perf
Draft

Mbaluda perf#1153
mbaluda wants to merge 157 commits into
mainfrom
mbaluda-perf

Conversation

@mbaluda

@mbaluda mbaluda commented Jun 29, 2026

Copy link
Copy Markdown
Collaborator

Description

please enter the description of your change here

Change request type

  • Release or process automation (GitHub workflows, internal scripts)
  • Internal documentation
  • External documentation
  • Query files (.ql, .qll, .qls or unit tests)
  • External scripts (analysis report or other code shipped as part of a release)

Rules with added or modified queries

  • No rules added
  • Queries have been added for the following rules:
    • rule number here
  • Queries have been modified for the following rules:
    • rule number here

Release change checklist

A change note (development_handbook.md#change-notes) is required for any pull request which modifies:

  • The structure or layout of the release artifacts.
  • The evaluation performance (memory, execution time) of an existing query.
  • The results of an existing query in any circumstance.

If you are only adding new rule queries, a change note is not required.

Author: Is a change note required?

  • Yes
  • No

🚨🚨🚨
Reviewer: Confirm that format of shared queries (not the .qll file, the
.ql file that imports it) is valid by running them within VS Code.

  • Confirmed

Reviewer: Confirm that either a change note is not required or the change note is required and has been added.

  • Confirmed

Query development review checklist

For PRs that add new queries or modify existing queries, the following checklist should be completed by both the author and reviewer:

Author

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

Reviewer

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

jketema and others added 30 commits March 6, 2025 13:52
@jketema
Update expected test results after frontend update
1c82682
@jketema
Merge pull request #865 from jketema/frontend-update
ce14612 
Update expected test results after frontend update
@jketema
Merge branch 'main' into next
d6b55ca
@jketema
Update MISRA queries and tests after merging location tables
f07f569
@jketema
Merge pull request #915 from jketema/loc-table-merge
3b4a91c 
Update MISRA queries and tests after merging location tables
@IdrissRio
C++: accept new test results after QL changes
67adebb
@jketema
Merge pull request #916 from IdrissRio/next
60c2e05 
C++: accept new test results after QL changes
@jketema
Merge remote-tracking branch 'upstream/main' into next
740bcd0
@jketema
Comvert ARR37-C to use the new dataflow library
2089bcd
@jketema
Conver ARR39-C to the new dataflow library
cf1b625 
Observe that `sizeof(...)` might not occur as a dataflow node if it has a
parent node with a concrete value. That value will be a dataflow node instead.
Hence, the query has be changed to check for expressions where `sizeof(...)`
is a child of an expression with a concrete value.
@jketema
Convert ERR30-C to use the new dataflow library
8d73f3b
@jketema
Convert FIO45-C to use the new dataflow library
7a1577e
@jketema
Convert EXP36-C to the new datafow library
c5c6c58 
Note that we now properly report the offending cast instead of the expression
that is being cast.
@jketema
Convert MSC33-C to the new dataflow library
8fdea49 
As it is the dataflow used by `asctime` that is relevant, and not the pointer,
use the indirect expression.
@jketema
Convert MSC51-CPP to the new dataflow library
3289621
@jketema
Convert CTR56-CPP to the new dataflow library
d20cd3a
@jketema
Convert EXP51-CPP ot use the new dataflow library
77e8e0e
@jketema
Conver M3-9-3 to use the new dataflow library
57b6091
@jketema
Convert A9-3-1 to use the new dataflow library
357ee08
@jketema
Convert A27-0-4 to use the new dataflow library
30114c5
@jketema
Convert A5-0-4 to use the new dataflow library
d313bf2
@jketema
Merge pull request #920 from jketema/jketema/dataflow
500e96a 
Convert a number of queries to use the new dataflow library
@jketema
Update expected test results for MSC33-C
8529fbb
@jketema
Merge pull request #921 from jketema/jketema/dataflow
363faea 
Update expected test results for MSC33-C
@jketema
Create temporary copies of parts of the concurrency library
012ac3d 
These use the new dataflow library
@jketema
Convert CON30-C to use the new dataflow library
22b8860
@jketema
Convert CON34-C to the new dataflow library
0a846c7 
Since the new dataflow library uses use-use dataflow and not def-use dataflow,
we now need to check for definitions. Note that these queries can probably be
improved by using a dataflow configuration - possibly limited to the local
context of a function by including `DataFlow::FeatureEqualSourceSinkCallContext`
@jketema
Move queries not depending on dataflow over to ConcurrencyNew
1c1f3fb
@jketema
Convert UseOnlyArrayIndexingForPointerArithmetic to use the new dataf…
3ba33c0 
…low library
@jketema
Convert StringNumberConversionMissingErrorCheck to use the new datafl…
e2d44a6 
…ow library
jketema and others added 27 commits May 19, 2026 11:18
@jketema
Update expected test results
da5f262
@jketema
Update references to deprecated classes
4349da6
@jketema
Update references to deprecated classes
99a5245
@mbaluda
Use the new dataflow module wherever possible without affecting any t…
a568bf4 
…est behavior

- Updated various QL files to replace deprecated 'DataFlow' and 'TaintTracking' imports with 'new.DataFlow' and 'new.TaintTracking'.
- Removed warnings related to deprecated modules in test expectations for affected rules.
@mbaluda
Refactor imports to use the updated DataFlow module in CleanUpThreadS…
ec7adb3 
…pecificStorage and AccessOfUndefinedMemberThroughUninitializedStaticPointer
@mbaluda
Fix import path for DataFlow module in PlacementNewNotProperlyAligned…
db5cd46 
….qll
@mbaluda
Update expected warnings to reflect deprecation of DataFlow and Taint…
c733b75 
…Tracking modules
@mbaluda
Merge branch 'main' into mbaluda-new-dataflow
a0d501e
@mbaluda
Revert "Update type alias class names"
d76a183 
This reverts commit 08b109d.
@mbaluda
Add .qlx files to .gitignore for CodeQL build artifacts
9a3ee4c
@mbaluda
Update CodeQL to versions v2.23.3
0b206ff
@mbaluda
Merge branch 'mbaluda-new-dataflow' into mbaluda-next
ed7bd0f
@mbaluda
Update cpp-all dependency version to 6.0.0
b82665a
@mbaluda
Fix tests cases
dd75ded
@mbaluda
Update .expected files
2927415
@mbaluda
Merge branch 'main' into mbaluda-next
08a8b49
@mbaluda
Add change note
056c20b 
Add change note.
@mbaluda
Potential fix for pull request finding
1cea4ea 
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
@mbaluda
Potential fix for pull request finding
2031151 
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
@mbaluda
Fix formatting of cpp-all dependency in multiple qlpack.yml files
9d4ac96
@mbaluda
FOrmat test case
610a27b
@mbaluda
Refactor IndirectUninitializedNode to remove unused import
eb0c982
@mbaluda
Fix expected file
a4ebed2
@mbaluda
Fix performance issue in EXP37-C
0ce2c64
@mbaluda
Fix query format
55b6f53
@mbaluda
Performance fix
a15423e 
Update error message format in EXP50-CPP rule and adjust SideEffect module imports
@mbaluda
Try remove MacroUnwrapper
2cdb227
GitHub Advanced Security started work on behalf of mbaluda June 29, 2026 22:02 View session
GitHub Advanced Security finished work on behalf of mbaluda June 29, 2026 22:03
@codeql-coding-standards-automation

codeql-coding-standards-automation Bot commented Jun 30, 2026

Copy link
Copy Markdown

🏁 Beep Boop! Performance testing complete! See below for performance of the last 3 runs vs your PR. Times are based on predicate performance. You can find full graphs and stats in the PR that was created for this test in the release engineering repo. 


Release                            : v2.60.0
Platform                           : x86-windows
Language                           : c
Total_Serialized_Execution_Time_Ms : 3326599
Mean_Predicate_Execution_Time_Ms   : 64.96502363004335
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 512.262910554225
Total_Serialized_Execution_Time_s  : 3326.599
Mean_Query_Execution_Time_s        : 0.0649650236300433
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 185.0
Number_of_Predicates               : 51206

Release                            : v2.60.0
Platform                           : x86-windows
Language                           : cpp
Total_Serialized_Execution_Time_Ms : 4817689
Mean_Predicate_Execution_Time_Ms   : 67.30966119455117
Median_Predicate_Execution_Time_Ms : 1.0
Standard_Deviation_Ms              : 458.1131446697552
Total_Serialized_Execution_Time_s  : 4817.689
Mean_Query_Execution_Time_s        : 0.0673096611945511
Median_Predicate_Execution_Time_s  : 0.001
Percentile95_Ms                    : 227.0
Number_of_Predicates               : 71575

Release                            : v2.60.0
Platform                           : x86-linux
Language                           : c
Total_Serialized_Execution_Time_Ms : 2651790
Mean_Predicate_Execution_Time_Ms   : 51.91241533221096
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 542.373048121457
Total_Serialized_Execution_Time_s  : 2651.79
Mean_Query_Execution_Time_s        : 0.0519124153322109
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 139.0
Number_of_Predicates               : 51082

Release                            : v2.60.0
Platform                           : x86-linux
Language                           : cpp
Total_Serialized_Execution_Time_Ms : 4440651
Mean_Predicate_Execution_Time_Ms   : 62.29170407361688
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 569.4574578020323
Total_Serialized_Execution_Time_s  : 4440.651
Mean_Query_Execution_Time_s        : 0.0622917040736168
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 159.0
Number_of_Predicates               : 71288

Release                            : v2.61.0
Platform                           : x86-windows
Language                           : c
Total_Serialized_Execution_Time_Ms : 3266370
Mean_Predicate_Execution_Time_Ms   : 63.90362718628947
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 503.1579843913974
Total_Serialized_Execution_Time_s  : 3266.37
Mean_Query_Execution_Time_s        : 0.0639036271862894
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 191.0
Number_of_Predicates               : 51114

Release                            : v2.61.0
Platform                           : x86-windows
Language                           : cpp
Total_Serialized_Execution_Time_Ms : 4756186
Mean_Predicate_Execution_Time_Ms   : 66.62911337433282
Median_Predicate_Execution_Time_Ms : 1.0
Standard_Deviation_Ms              : 451.0173047967091
Total_Serialized_Execution_Time_s  : 4756.186
Mean_Query_Execution_Time_s        : 0.0666291133743328
Median_Predicate_Execution_Time_s  : 0.001
Percentile95_Ms                    : 208.0
Number_of_Predicates               : 71383

Release                            : v2.61.0
Platform                           : x86-linux
Language                           : c
Total_Serialized_Execution_Time_Ms : 2784651
Mean_Predicate_Execution_Time_Ms   : 54.388777124553215
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 610.0917903271135
Total_Serialized_Execution_Time_s  : 2784.651
Mean_Query_Execution_Time_s        : 0.0543887771245532
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 142.0
Number_of_Predicates               : 51199

Release                            : v2.61.0
Platform                           : x86-linux
Language                           : cpp
Total_Serialized_Execution_Time_Ms : 4615626
Mean_Predicate_Execution_Time_Ms   : 64.84988900441172
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 574.4148904892992
Total_Serialized_Execution_Time_s  : 4615.626
Mean_Query_Execution_Time_s        : 0.0648498890044117
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 165.0
Number_of_Predicates               : 71174

Release                            : 1153
Platform                           : x86-linux
Language                           : cpp
Total_Serialized_Execution_Time_Ms : 5259402
Mean_Predicate_Execution_Time_Ms   : 69.51180249002141
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 656.3993894594287
Total_Serialized_Execution_Time_s  : 5259.402
Mean_Query_Execution_Time_s        : 0.0695118024900214
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 163.0
Number_of_Predicates               : 75662

Release                            : 1153
Platform                           : x86-linux
Language                           : c
Total_Serialized_Execution_Time_Ms : 2840344
Mean_Predicate_Execution_Time_Ms   : 51.95814583104672
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 539.283297371337
Total_Serialized_Execution_Time_s  : 2840.344
Mean_Query_Execution_Time_s        : 0.0519581458310467
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 136.75
Number_of_Predicates               : 54666

🏁 Below are the slowest predicates for the last 2 releases vs this PR. 


Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : c
Suite             : misra-default
Predicate         : Macro::MacroInvocation.getAnAffectedElement/0#dispred#d1462297_10#join_rhs
Execution_Time_Ms : 33098

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : cpp
Suite             : misra-default
Predicate         : QualifiedName::getUserTypeNameWithoutArgs/1#8cfc98e9
Execution_Time_Ms : 17638

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : _Macro::Macro.getName/0#dispred#e28b3699_Preprocessor::PreprocessorBranchDirective#bcd2bde4#b_Prepro__#antijoin_rhs
Execution_Time_Ms : 49239

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : cpp
Suite             : misra-default
Predicate         : Macro::MacroInvocation.getAnAffectedElement/0#dispred#d1462297_10#join_rhs
Execution_Time_Ms : 38755

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : QualifiedName::getUserTypeNameWithoutArgs/1#8cfc98e9
Execution_Time_Ms : 31182

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : QualifiedName::getUserTypeNameWithoutArgs/1#8cfc98e9
Execution_Time_Ms : 30647

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : cpp
Suite             : misra-default
Predicate         : IncompatibleFunctionDeclaration::interestedInFunctions/4#95575433
Execution_Time_Ms : 20639

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : OutOfBounds::OOB::libraryFunctionNameParamTable/5#79217c12
Execution_Time_Ms : 38785

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : _Class::Class.getALinkTarget/0#dispred#29b2b38a#bf_Class::Class.getALinkTarget/0#dispred#29b2b38a#bf__#shared
Execution_Time_Ms : 27762

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : cpp
Suite             : autosar-default
Predicate         : FunctionEquivalence::typeSig/1#194ac728
Execution_Time_Ms : 25220

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : OutOfBounds::OOB::libraryFunctionNameParamTableSimpleString/5#6de8614f#cpe#1236
Execution_Time_Ms : 43006

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : VirtualDispatchPrototype::VirtualDispatch::cannotInheritHelper/4#7c75bd87
Execution_Time_Ms : 27715

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : c
Suite             : misra-default
Predicate         : OutOfBounds::OOB::libraryFunctionNameParamTableSimpleString/5#6de8614f#cpe#1236
Execution_Time_Ms : 30727

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : CheckedException::CheckedException#b0aa5ec8
Execution_Time_Ms : 28801

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : cpp
Suite             : misra-default
Predicate         : Macro::MacroInvocation.getAnAffectedElement/0#dispred#d1462297_10#join_rhs
Execution_Time_Ms : 30704

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : CharacterOutsideTheLanguageStandardBasicSourceCharacterSetUsedInTheSourceCode::getUniversalCharacterName/1#36dbaa42
Execution_Time_Ms : 29041

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : cpp
Suite             : autosar-default
Predicate         : Dependency::dependsOnTransitive/2#cbda84a0
Execution_Time_Ms : 18772

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : c
Suite             : cert-default
Predicate         : IncompatibleFunctionDeclaration::interestedInFunctions/4#95575433
Execution_Time_Ms : 28367

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : c
Suite             : misra-default
Predicate         : _Macro::Macro.getName/0#dispred#e28b3699_Preprocessor::PreprocessorBranchDirective#bcd2bde4#b_Prepro__#antijoin_rhs
Execution_Time_Ms : 32365

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : c
Suite             : misra-default
Predicate         : _Class::Class.getALinkTarget/0#dispred#29b2b38a#bf_Class::Class.getALinkTarget/0#dispred#29b2b38a#bf__#shared
Execution_Time_Ms : 23350

Release           : 1153
Run               : 2026-06-29_22-03-49
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : HoldsForAllCopies::HoldsForAllCopies<DeadCode::DeadOperationInstance,Expr::Expr>::RelevantElement#acaf8a9e
Execution_Time_Ms : 44795

Release           : 1153
Run               : 2026-06-29_22-03-49
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : OutOfBounds::OOB::libraryFunctionNameParamTableSimpleString/5#6de8614f#cpe#1236
Execution_Time_Ms : 33229

Release           : 1153
Run               : 2026-06-29_22-03-49
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : _Class::Class.getALinkTarget/0#dispred#29b2b38a#bf_Class::Class.getALinkTarget/0#dispred#29b2b38a#bf__#shared
Execution_Time_Ms : 34569

Release           : 1153
Run               : 2026-06-29_22-03-49
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : _Macro::Macro.getName/0#dispred#e28b3699_Preprocessor::PreprocessorBranchDirective#bcd2bde4#b_Prepro__#antijoin_rhs
Execution_Time_Ms : 28135

Release           : 1153
Run               : 2026-06-29_22-03-49
Platform          : x86-linux
Language          : c
Suite             : cert-default
Predicate         : InitializationFunctions::typeSig/1#132168f1
Execution_Time_Ms : 30565

Release           : 1153
Run               : 2026-06-29_22-03-49
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : Declaration::Declaration.getQualifiedName/0#dispred#4508fade#bf
Execution_Time_Ms : 31957

Release           : 1153
Run               : 2026-06-29_22-03-49
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : FunctionEquivalence::typeSig/1#194ac728
Execution_Time_Ms : 32653

Release           : 1153
Run               : 2026-06-29_22-03-49
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : SmartPointers::localExprFlow/2#e8a2b02b
Execution_Time_Ms : 46758

Release           : 1153
Run               : 2026-06-29_22-03-49
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : QualifiedName::getUserTypeNameWithoutArgs/1#8cfc98e9
Execution_Time_Ms : 32293

Release           : 1153
Run               : 2026-06-29_22-03-49
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : CharacterOutsideTheLanguageStandardBasicSourceCharacterSetUsedInTheSourceCode::getUniversalCharacterName/1#36dbaa42
Execution_Time_Ms : 34119

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@mbaluda @jketema @IdrissRio @MathiasVP @paldepind