Skip to content

Merge branch next and update CodeQL to v2.23.3#1149

Draft
mbaluda wants to merge 156 commits into
mainfrom
mbaluda-next
Draft

Merge branch next and update CodeQL to v2.23.3#1149
mbaluda wants to merge 156 commits into
mainfrom
mbaluda-next

Conversation

@mbaluda

@mbaluda mbaluda commented Jun 24, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

Description

This pull request upgrades CodeQL dependencies, updates dataflow and concurrency imports to use newer modules, and refines several rule implementations for improved accuracy and maintainability. The changes ensure compatibility with the latest CodeQL libraries and enhance the precision of certain queries.

Dependency and Import Upgrades:

  • Upgraded codeql/cpp-all to version 6.0.0 and updated several other CodeQL dependencies to their latest versions in both qlpack.yml and codeql-pack.lock.yml. Also added codeql/controlflow as a new dependency. [1] [2]
  • Replaced imports of semmle.code.cpp.dataflow.DataFlow and semmle.code.cpp.dataflow.TaintTracking with semmle.code.cpp.dataflow.new.DataFlow and semmle.code.cpp.dataflow.new.TaintTracking across all rule files, ensuring use of the latest dataflow libraries. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]
  • Updated concurrency-related imports from codingstandards.cpp.Concurrency to codingstandards.cpp.ConcurrencyNew throughout the codebase. [1] [2] [3] [4] [5] [6] [7]

These changes collectively modernize the codebase, improve compatibility with the latest CodeQL features, and enhance the precision and maintainability of CERT C rules.

Change request type

  • Release or process automation (GitHub workflows, internal scripts)
  • Internal documentation
  • External documentation
  • Query files (.ql, .qll, .qls or unit tests)
  • External scripts (analysis report or other code shipped as part of a release)

Rules with added or modified queries

  • No rules added
  • Queries have been added for the following rules:
    • rule number here
  • Queries have been modified for the following rules:
    • Several queries have been refactored to compile with CodeQL v2.23.3

Release change checklist

A change note (development_handbook.md#change-notes) is required for any pull request which modifies:

  • The structure or layout of the release artifacts.
  • The evaluation performance (memory, execution time) of an existing query.
  • The results of an existing query in any circumstance.

If you are only adding new rule queries, a change note is not required.

Author: Is a change note required?

  • Yes
  • No

🚨🚨🚨
Reviewer: Confirm that format of shared queries (not the .qll file, the
.ql file that imports it) is valid by running them within VS Code.

  • Confirmed

Reviewer: Confirm that either a change note is not required or the change note is required and has been added.

  • Confirmed

Query development review checklist

For PRs that add new queries or modify existing queries, the following checklist should be completed by both the author and reviewer:

Author

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

Reviewer

  • Have all the relevant rule package description files been checked in?
  • Have you verified that the metadata properties of each new query is set appropriately?
  • Do all the unit tests contain both "COMPLIANT" and "NON_COMPLIANT" cases?
  • Are the alert messages properly formatted and consistent with the style guide?
  • Have you run the queries on OpenPilot and verified that the performance and results are acceptable?
    As a rule of thumb, predicates specific to the query should take no more than 1 minute, and for simple queries be under 10 seconds. If this is not the case, this should be highlighted and agreed in the code review process.
  • Does the query have an appropriate level of in-query comments/documentation?
  • Have you considered/identified possible edge cases?
  • Does the query not reinvent features in the standard library?
  • Can the query be simplified further (not golfed!)

jketema and others added 30 commits March 6, 2025 13:52
@jketema
Update expected test results after frontend update
1c82682
@jketema
Merge pull request #865 from jketema/frontend-update
ce14612 
Update expected test results after frontend update
@jketema
Merge branch 'main' into next
d6b55ca
@jketema
Update MISRA queries and tests after merging location tables
f07f569
@jketema
Merge pull request #915 from jketema/loc-table-merge
3b4a91c 
Update MISRA queries and tests after merging location tables
@IdrissRio
C++: accept new test results after QL changes
67adebb
@jketema
Merge pull request #916 from IdrissRio/next
60c2e05 
C++: accept new test results after QL changes
@jketema
Merge remote-tracking branch 'upstream/main' into next
740bcd0
@jketema
Comvert ARR37-C to use the new dataflow library
2089bcd
@jketema
Conver ARR39-C to the new dataflow library
cf1b625 
Observe that `sizeof(...)` might not occur as a dataflow node if it has a
parent node with a concrete value. That value will be a dataflow node instead.
Hence, the query has be changed to check for expressions where `sizeof(...)`
is a child of an expression with a concrete value.
@jketema
Convert ERR30-C to use the new dataflow library
8d73f3b
@jketema
Convert FIO45-C to use the new dataflow library
7a1577e
@jketema
Convert EXP36-C to the new datafow library
c5c6c58 
Note that we now properly report the offending cast instead of the expression
that is being cast.
@jketema
Convert MSC33-C to the new dataflow library
8fdea49 
As it is the dataflow used by `asctime` that is relevant, and not the pointer,
use the indirect expression.
@jketema
Convert MSC51-CPP to the new dataflow library
3289621
@jketema
Convert CTR56-CPP to the new dataflow library
d20cd3a
@jketema
Convert EXP51-CPP ot use the new dataflow library
77e8e0e
@jketema
Conver M3-9-3 to use the new dataflow library
57b6091
@jketema
Convert A9-3-1 to use the new dataflow library
357ee08
@jketema
Convert A27-0-4 to use the new dataflow library
30114c5
@jketema
Convert A5-0-4 to use the new dataflow library
d313bf2
@jketema
Merge pull request #920 from jketema/jketema/dataflow
500e96a 
Convert a number of queries to use the new dataflow library
@jketema
Update expected test results for MSC33-C
8529fbb
@jketema
Merge pull request #921 from jketema/jketema/dataflow
363faea 
Update expected test results for MSC33-C
@jketema
Create temporary copies of parts of the concurrency library
012ac3d 
These use the new dataflow library
@jketema
Convert CON30-C to use the new dataflow library
22b8860
@jketema
Convert CON34-C to the new dataflow library
0a846c7 
Since the new dataflow library uses use-use dataflow and not def-use dataflow,
we now need to check for definitions. Note that these queries can probably be
improved by using a dataflow configuration - possibly limited to the local
context of a function by including `DataFlow::FeatureEqualSourceSinkCallContext`
@jketema
Move queries not depending on dataflow over to ConcurrencyNew
1c1f3fb
@jketema
Convert UseOnlyArrayIndexingForPointerArithmetic to use the new dataf…
3ba33c0 
…low library
@jketema
Convert StringNumberConversionMissingErrorCheck to use the new datafl…
e2d44a6 
…ow library
@mbaluda
Potential fix for pull request finding
1cea4ea 
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
GitHub Advanced Security started work on behalf of mbaluda June 25, 2026 15:17 View session
GitHub Advanced Security finished work on behalf of mbaluda June 25, 2026 15:18
@mbaluda
Potential fix for pull request finding
2031151 
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
GitHub Advanced Security started work on behalf of mbaluda June 25, 2026 15:22 View session
GitHub Advanced Security finished work on behalf of mbaluda June 25, 2026 15:23
GitHub Advanced Security started work on behalf of mbaluda June 25, 2026 15:24 View session
GitHub Advanced Security finished work on behalf of mbaluda June 25, 2026 15:25
GitHub Advanced Security started work on behalf of mbaluda June 25, 2026 15:27 View session
GitHub Advanced Security finished work on behalf of mbaluda June 25, 2026 15:28
GitHub Advanced Security started work on behalf of mbaluda June 25, 2026 15:55 View session
GitHub Advanced Security finished work on behalf of mbaluda June 25, 2026 15:56
@mbaluda mbaluda marked this pull request as draft June 25, 2026 17:12
@mbaluda mbaluda removed the request for review from a team June 25, 2026 17:12
GitHub Advanced Security started work on behalf of mbaluda June 25, 2026 17:33 View session
GitHub Advanced Security finished work on behalf of mbaluda June 25, 2026 17:33
GitHub Advanced Security started work on behalf of mbaluda June 26, 2026 16:26 View session
GitHub Advanced Security finished work on behalf of mbaluda June 26, 2026 16:27
GitHub Advanced Security started work on behalf of mbaluda June 26, 2026 16:29 View session
GitHub Advanced Security finished work on behalf of mbaluda June 26, 2026 16:30
@codeql-coding-standards-automation

codeql-coding-standards-automation Bot commented Jun 26, 2026

Copy link
Copy Markdown

🏁 Beep Boop! Performance testing complete! See below for performance of the last 3 runs vs your PR. Times are based on predicate performance. You can find full graphs and stats in the PR that was created for this test in the release engineering repo. 


Release                            : v2.60.0
Platform                           : x86-linux
Language                           : cpp
Total_Serialized_Execution_Time_Ms : 4440651
Mean_Predicate_Execution_Time_Ms   : 62.29170407361688
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 569.4574578020323
Total_Serialized_Execution_Time_s  : 4440.651
Mean_Query_Execution_Time_s        : 0.0622917040736168
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 159.0
Number_of_Predicates               : 71288

Release                            : v2.60.0
Platform                           : x86-windows
Language                           : c
Total_Serialized_Execution_Time_Ms : 3326599
Mean_Predicate_Execution_Time_Ms   : 64.96502363004335
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 512.262910554225
Total_Serialized_Execution_Time_s  : 3326.599
Mean_Query_Execution_Time_s        : 0.0649650236300433
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 185.0
Number_of_Predicates               : 51206

Release                            : v2.60.0
Platform                           : x86-windows
Language                           : cpp
Total_Serialized_Execution_Time_Ms : 4817689
Mean_Predicate_Execution_Time_Ms   : 67.30966119455117
Median_Predicate_Execution_Time_Ms : 1.0
Standard_Deviation_Ms              : 458.1131446697552
Total_Serialized_Execution_Time_s  : 4817.689
Mean_Query_Execution_Time_s        : 0.0673096611945511
Median_Predicate_Execution_Time_s  : 0.001
Percentile95_Ms                    : 227.0
Number_of_Predicates               : 71575

Release                            : v2.60.0
Platform                           : x86-linux
Language                           : c
Total_Serialized_Execution_Time_Ms : 2651790
Mean_Predicate_Execution_Time_Ms   : 51.91241533221096
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 542.373048121457
Total_Serialized_Execution_Time_s  : 2651.79
Mean_Query_Execution_Time_s        : 0.0519124153322109
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 139.0
Number_of_Predicates               : 51082

Release                            : v2.61.0
Platform                           : x86-linux
Language                           : cpp
Total_Serialized_Execution_Time_Ms : 4615626
Mean_Predicate_Execution_Time_Ms   : 64.84988900441172
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 574.4148904892992
Total_Serialized_Execution_Time_s  : 4615.626
Mean_Query_Execution_Time_s        : 0.0648498890044117
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 165.0
Number_of_Predicates               : 71174

Release                            : v2.61.0
Platform                           : x86-windows
Language                           : c
Total_Serialized_Execution_Time_Ms : 3266370
Mean_Predicate_Execution_Time_Ms   : 63.90362718628947
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 503.1579843913974
Total_Serialized_Execution_Time_s  : 3266.37
Mean_Query_Execution_Time_s        : 0.0639036271862894
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 191.0
Number_of_Predicates               : 51114

Release                            : v2.61.0
Platform                           : x86-windows
Language                           : cpp
Total_Serialized_Execution_Time_Ms : 4756186
Mean_Predicate_Execution_Time_Ms   : 66.62911337433282
Median_Predicate_Execution_Time_Ms : 1.0
Standard_Deviation_Ms              : 451.0173047967091
Total_Serialized_Execution_Time_s  : 4756.186
Mean_Query_Execution_Time_s        : 0.0666291133743328
Median_Predicate_Execution_Time_s  : 0.001
Percentile95_Ms                    : 208.0
Number_of_Predicates               : 71383

Release                            : v2.61.0
Platform                           : x86-linux
Language                           : c
Total_Serialized_Execution_Time_Ms : 2784651
Mean_Predicate_Execution_Time_Ms   : 54.388777124553215
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 610.0917903271135
Total_Serialized_Execution_Time_s  : 2784.651
Mean_Query_Execution_Time_s        : 0.0543887771245532
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 142.0
Number_of_Predicates               : 51199

Release                            : 1149
Platform                           : x86-linux
Language                           : c
Total_Serialized_Execution_Time_Ms : 2876047
Mean_Predicate_Execution_Time_Ms   : 52.68160753210118
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 650.7770625397736
Total_Serialized_Execution_Time_s  : 2876.047
Mean_Query_Execution_Time_s        : 0.0526816075321011
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 134.0
Number_of_Predicates               : 54593

Release                            : 1149
Platform                           : x86-linux
Language                           : cpp
Total_Serialized_Execution_Time_Ms : 8857776
Mean_Predicate_Execution_Time_Ms   : 116.00020953378731
Median_Predicate_Execution_Time_Ms : 0.0
Standard_Deviation_Ms              : 6355.639344762244
Total_Serialized_Execution_Time_s  : 8857.776
Mean_Query_Execution_Time_s        : 0.1160002095337873
Median_Predicate_Execution_Time_s  : 0.0
Percentile95_Ms                    : 176.0
Number_of_Predicates               : 76360

🏁 Below are the slowest predicates for the last 2 releases vs this PR. 


Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : c
Suite             : cert-default
Predicate         : IncompatibleFunctionDeclaration::interestedInFunctions/4#95575433
Execution_Time_Ms : 28367

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : c
Suite             : misra-default
Predicate         : _Class::Class.getALinkTarget/0#dispred#29b2b38a#bf_Class::Class.getALinkTarget/0#dispred#29b2b38a#bf__#shared
Execution_Time_Ms : 23350

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : c
Suite             : misra-default
Predicate         : Macro::MacroInvocation.getAnAffectedElement/0#dispred#d1462297_10#join_rhs
Execution_Time_Ms : 33098

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : _Macro::Macro.getName/0#dispred#e28b3699_Preprocessor::PreprocessorBranchDirective#bcd2bde4#b_Prepro__#antijoin_rhs
Execution_Time_Ms : 49239

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : VirtualDispatchPrototype::VirtualDispatch::cannotInheritHelper/4#7c75bd87
Execution_Time_Ms : 27715

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : CharacterOutsideTheLanguageStandardBasicSourceCharacterSetUsedInTheSourceCode::getUniversalCharacterName/1#36dbaa42
Execution_Time_Ms : 29041

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : c
Suite             : misra-default
Predicate         : _Macro::Macro.getName/0#dispred#e28b3699_Preprocessor::PreprocessorBranchDirective#bcd2bde4#b_Prepro__#antijoin_rhs
Execution_Time_Ms : 32365

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : c
Suite             : misra-default
Predicate         : OutOfBounds::OOB::libraryFunctionNameParamTableSimpleString/5#6de8614f#cpe#1236
Execution_Time_Ms : 30727

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : QualifiedName::getUserTypeNameWithoutArgs/1#8cfc98e9
Execution_Time_Ms : 30647

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : cpp
Suite             : misra-default
Predicate         : IncompatibleFunctionDeclaration::interestedInFunctions/4#95575433
Execution_Time_Ms : 20639

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : OutOfBounds::OOB::libraryFunctionNameParamTable/5#79217c12
Execution_Time_Ms : 38785

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : _Class::Class.getALinkTarget/0#dispred#29b2b38a#bf_Class::Class.getALinkTarget/0#dispred#29b2b38a#bf__#shared
Execution_Time_Ms : 27762

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : cpp
Suite             : misra-default
Predicate         : QualifiedName::getUserTypeNameWithoutArgs/1#8cfc98e9
Execution_Time_Ms : 17638

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : cpp
Suite             : autosar-default
Predicate         : Dependency::dependsOnTransitive/2#cbda84a0
Execution_Time_Ms : 18772

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : CheckedException::CheckedException#b0aa5ec8
Execution_Time_Ms : 28801

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : QualifiedName::getUserTypeNameWithoutArgs/1#8cfc98e9
Execution_Time_Ms : 31182

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : cpp
Suite             : misra-default
Predicate         : Macro::MacroInvocation.getAnAffectedElement/0#dispred#d1462297_10#join_rhs
Execution_Time_Ms : 30704

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : OutOfBounds::OOB::libraryFunctionNameParamTableSimpleString/5#6de8614f#cpe#1236
Execution_Time_Ms : 43006

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : cpp
Suite             : misra-default
Predicate         : Macro::MacroInvocation.getAnAffectedElement/0#dispred#d1462297_10#join_rhs
Execution_Time_Ms : 38755

Release           : v2.61.0
Run               : 2026-06-16_14-01-24
Platform          : x86-windows
Language          : cpp
Suite             : autosar-default
Predicate         : FunctionEquivalence::typeSig/1#194ac728
Execution_Time_Ms : 25220

Release           : 1149
Run               : 2026-06-26_18-24-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : OutOfBounds::OOB::libraryFunctionNameParamTableSimpleString/5#6de8614f#cpe#1236
Execution_Time_Ms : 36696

Release           : 1149
Run               : 2026-06-26_18-24-24
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : STLContainers::localTaint/2#d71eeced_10#join_rhs
Execution_Time_Ms : 1151798

Release           : 1149
Run               : 2026-06-26_18-24-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : _Macro::Macro.getName/0#dispred#e28b3699_Preprocessor::PreprocessorBranchDirective#bcd2bde4#b_Prepro__#antijoin_rhs
Execution_Time_Ms : 36128

Release           : 1149
Run               : 2026-06-26_18-24-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : Macro::MacroInvocation.getAnAffectedElement/0#dispred#d1462297_10#join_rhs
Execution_Time_Ms : 75594

Release           : 1149
Run               : 2026-06-26_18-24-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : _Class::Class.getALinkTarget/0#dispred#29b2b38a#bf_Class::Class.getALinkTarget/0#dispred#29b2b38a#bf__#shared
Execution_Time_Ms : 37326

Release           : 1149
Run               : 2026-06-26_18-24-24
Platform          : x86-linux
Language          : c
Suite             : misra-default
Predicate         : HoldsForAllCopies::HoldsForAllCopies<DeadCode::DeadOperationInstance,Expr::Expr>::RelevantElement#acaf8a9e
Execution_Time_Ms : 39356

Release           : 1149
Run               : 2026-06-26_18-24-24
Platform          : x86-linux
Language          : cpp
Suite             : cert-default
Predicate         : STLContainers::localTaint/2#d71eeced
Execution_Time_Ms : 550074

Release           : 1149
Run               : 2026-06-26_18-24-24
Platform          : x86-linux
Language          : cpp
Suite             : misra-default
Predicate         : Macro::MacroInvocation.getAnAffectedElement/0#dispred#d1462297_10#join_rhs
Execution_Time_Ms : 84370

Release           : 1149
Run               : 2026-06-26_18-24-24
Platform          : x86-linux
Language          : cpp
Suite             : cert-default
Predicate         : STLContainers::localTaint/2#d71eeced_10#join_rhs
Execution_Time_Ms : 1030200

Release           : 1149
Run               : 2026-06-26_18-24-24
Platform          : x86-linux
Language          : cpp
Suite             : autosar-default
Predicate         : STLContainers::localTaint/2#d71eeced
Execution_Time_Ms : 590452

@mbaluda
Performance fix
a15423e 
Update error message format in EXP50-CPP rule and adjust SideEffect module imports
GitHub Advanced Security started work on behalf of mbaluda June 28, 2026 18:34 View session
GitHub Advanced Security finished work on behalf of mbaluda June 28, 2026 18:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@mbaluda @jketema @IdrissRio @MathiasVP @paldepind