From 20280e711934e611bdccc4c1f063aae10cab4036 Mon Sep 17 00:00:00 2001
From: Mauro Baluda <mbaluda@github.com>
Date: Fri, 26 Jun 2026 21:36:14 +0200
Subject: [PATCH 1/2] Update error message format in EXP50-CPP rule and adjust
 SideEffect module imports

---
 ...rOfScalarObjectEvaluationForSideEffects.ql |  2 +-
 ...larObjectEvaluationForSideEffects.expected | 46 ++++++++++++-------
 .../src/codingstandards/cpp/SideEffect.qll    |  2 +-
 .../cpp/standardlibrary/STLContainers.qll     |  2 +-
 4 files changed, 32 insertions(+), 20 deletions(-)

diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql
index 82b7d4e8dc..d12c7c4e7b 100644
--- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql
+++ b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql
@@ -33,5 +33,5 @@ where
   va1 = ve.getAnAccess() and
   FullExprOrdering::isUnsequenced(va1, va2) and
   v = va1.getTarget()
-select e, "Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@.",
+select e, "Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@.",
   v, v.getName(), ve, "side-effect", va2, "side-effect or value computation"
diff --git a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.expected b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.expected
index a7d5f0e42f..3bbdf84e9b 100644
--- a/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.expected
+++ b/cpp/cert/test/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.expected
@@ -1,17 +1,29 @@
-| test.cpp:8:3:9:8 | ... = ... | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:8:3:9:8 | ... = ... | side-effect | test.cpp:8:10:8:11 | g1 | side-effect or value computation |
-| test.cpp:8:3:9:8 | ... = ... | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:8:8:8:11 | ++ ... | side-effect | test.cpp:8:3:8:4 | g1 | side-effect or value computation |
-| test.cpp:10:3:10:15 | ... = ... | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:10:6:10:9 | ... ++ | side-effect | test.cpp:10:14:10:15 | g1 | side-effect or value computation |
-| test.cpp:14:3:14:12 | ... += ... | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:14:3:14:12 | ... += ... | side-effect | test.cpp:14:9:14:10 | g1 | side-effect or value computation |
-| test.cpp:14:3:14:12 | ... += ... | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:14:9:14:12 | ... ++ | side-effect | test.cpp:14:3:14:4 | g1 | side-effect or value computation |
-| test.cpp:15:3:16:11 | ... = ... | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:15:3:16:11 | ... = ... | side-effect | test.cpp:15:8:15:9 | g1 | side-effect or value computation |
-| test.cpp:15:3:16:11 | ... = ... | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:15:8:16:11 | ... += ... | side-effect | test.cpp:15:3:15:4 | g1 | side-effect or value computation |
-| test.cpp:21:3:21:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:20:13:20:14 | p1 | p1 | test.cpp:21:6:21:9 | ... ++ | side-effect | test.cpp:21:12:21:13 | p1 | side-effect or value computation |
-| test.cpp:28:13:28:13 | call to operator<< | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:26:13:26:14 | p1 | p1 | test.cpp:27:16:27:19 | ... ++ | side-effect | test.cpp:27:24:27:25 | p1 | side-effect or value computation |
-| test.cpp:92:3:92:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:62:25:62:30 | ++ ... | side-effect | test.cpp:92:18:92:18 | i | side-effect or value computation |
-| test.cpp:92:3:92:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:66:3:66:8 | ... = ... | side-effect | test.cpp:92:10:92:10 | i | side-effect or value computation |
-| test.cpp:93:3:93:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:62:25:62:30 | ++ ... | side-effect | test.cpp:93:10:93:10 | i | side-effect or value computation |
-| test.cpp:93:3:93:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:62:25:62:30 | ++ ... | side-effect | test.cpp:93:19:93:19 | i | side-effect or value computation |
-| test.cpp:95:3:95:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:63:25:63:27 | ++ ... | side-effect | test.cpp:95:16:95:16 | i | side-effect or value computation |
-| test.cpp:95:3:95:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:71:3:71:7 | ... = ... | side-effect | test.cpp:95:9:95:9 | i | side-effect or value computation |
-| test.cpp:96:3:96:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:63:25:63:27 | ++ ... | side-effect | test.cpp:96:9:96:9 | i | side-effect or value computation |
-| test.cpp:96:3:96:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced in relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:63:25:63:27 | ++ ... | side-effect | test.cpp:96:17:96:17 | i | side-effect or value computation |
+| test.cpp:8:3:9:8 | ... = ... | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:8:3:9:8 | ... = ... | side-effect | test.cpp:8:10:8:11 | g1 | side-effect or value computation |
+| test.cpp:8:3:9:8 | ... = ... | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:8:8:8:11 | ++ ... | side-effect | test.cpp:8:3:8:4 | g1 | side-effect or value computation |
+| test.cpp:10:3:10:15 | ... = ... | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:10:6:10:9 | ... ++ | side-effect | test.cpp:10:14:10:15 | g1 | side-effect or value computation |
+| test.cpp:14:3:14:12 | ... += ... | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:14:3:14:12 | ... += ... | side-effect | test.cpp:14:9:14:10 | g1 | side-effect or value computation |
+| test.cpp:14:3:14:12 | ... += ... | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:14:9:14:12 | ... ++ | side-effect | test.cpp:14:3:14:4 | g1 | side-effect or value computation |
+| test.cpp:15:3:16:11 | ... = ... | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:15:3:16:11 | ... = ... | side-effect | test.cpp:15:8:15:9 | g1 | side-effect or value computation |
+| test.cpp:15:3:16:11 | ... = ... | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:4:5:4:6 | g1 | g1 | test.cpp:15:8:16:11 | ... += ... | side-effect | test.cpp:15:3:15:4 | g1 | side-effect or value computation |
+| test.cpp:21:3:21:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:20:13:20:14 | p1 | p1 | test.cpp:21:6:21:9 | ... ++ | side-effect | test.cpp:21:12:21:13 | p1 | side-effect or value computation |
+| test.cpp:28:13:28:13 | call to operator<< | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:26:13:26:14 | p1 | p1 | test.cpp:27:16:27:19 | ... ++ | side-effect | test.cpp:27:24:27:25 | p1 | side-effect or value computation |
+| test.cpp:92:3:92:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:62:25:62:30 | ++ ... | side-effect | test.cpp:92:10:92:10 | i | side-effect or value computation |
+| test.cpp:92:3:92:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:62:25:62:30 | ++ ... | side-effect | test.cpp:92:18:92:18 | i | side-effect or value computation |
+| test.cpp:92:3:92:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:63:25:63:27 | ++ ... | side-effect | test.cpp:92:10:92:10 | i | side-effect or value computation |
+| test.cpp:92:3:92:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:63:25:63:27 | ++ ... | side-effect | test.cpp:92:18:92:18 | i | side-effect or value computation |
+| test.cpp:92:3:92:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:66:3:66:8 | ... = ... | side-effect | test.cpp:92:10:92:10 | i | side-effect or value computation |
+| test.cpp:92:3:92:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:66:3:66:8 | ... = ... | side-effect | test.cpp:92:18:92:18 | i | side-effect or value computation |
+| test.cpp:92:3:92:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:71:3:71:7 | ... = ... | side-effect | test.cpp:92:10:92:10 | i | side-effect or value computation |
+| test.cpp:92:3:92:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:71:3:71:7 | ... = ... | side-effect | test.cpp:92:18:92:18 | i | side-effect or value computation |
+| test.cpp:93:3:93:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:62:25:62:30 | ++ ... | side-effect | test.cpp:93:10:93:10 | i | side-effect or value computation |
+| test.cpp:93:3:93:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:62:25:62:30 | ++ ... | side-effect | test.cpp:93:19:93:19 | i | side-effect or value computation |
+| test.cpp:93:3:93:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:63:25:63:27 | ++ ... | side-effect | test.cpp:93:10:93:10 | i | side-effect or value computation |
+| test.cpp:93:3:93:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:63:25:63:27 | ++ ... | side-effect | test.cpp:93:19:93:19 | i | side-effect or value computation |
+| test.cpp:93:3:93:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:71:3:71:7 | ... = ... | side-effect | test.cpp:93:10:93:10 | i | side-effect or value computation |
+| test.cpp:93:3:93:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:71:3:71:7 | ... = ... | side-effect | test.cpp:93:19:93:19 | i | side-effect or value computation |
+| test.cpp:95:3:95:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:63:25:63:27 | ++ ... | side-effect | test.cpp:95:9:95:9 | i | side-effect or value computation |
+| test.cpp:95:3:95:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:63:25:63:27 | ++ ... | side-effect | test.cpp:95:16:95:16 | i | side-effect or value computation |
+| test.cpp:95:3:95:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:71:3:71:7 | ... = ... | side-effect | test.cpp:95:9:95:9 | i | side-effect or value computation |
+| test.cpp:95:3:95:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:71:3:71:7 | ... = ... | side-effect | test.cpp:95:16:95:16 | i | side-effect or value computation |
+| test.cpp:96:3:96:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:63:25:63:27 | ++ ... | side-effect | test.cpp:96:9:96:9 | i | side-effect or value computation |
+| test.cpp:96:3:96:4 | call to f2 | Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@. | test.cpp:91:7:91:7 | i | i | test.cpp:63:25:63:27 | ++ ... | side-effect | test.cpp:96:17:96:17 | i | side-effect or value computation |
diff --git a/cpp/common/src/codingstandards/cpp/SideEffect.qll b/cpp/common/src/codingstandards/cpp/SideEffect.qll
index e2ca55e350..53421c410e 100644
--- a/cpp/common/src/codingstandards/cpp/SideEffect.qll
+++ b/cpp/common/src/codingstandards/cpp/SideEffect.qll
@@ -1,7 +1,7 @@
 /** A module to reason about side effects. */
 
 import cpp
-private import semmle.code.cpp.dataflow.DataFlow
+private import semmle.code.cpp.dataflow.new.DataFlow
 private import exceptions.ExceptionFlow
 private import codingstandards.cpp.Expr
 private import codingstandards.cpp.Variable
diff --git a/cpp/common/src/codingstandards/cpp/standardlibrary/STLContainers.qll b/cpp/common/src/codingstandards/cpp/standardlibrary/STLContainers.qll
index bc8aac43f6..4326b88bba 100644
--- a/cpp/common/src/codingstandards/cpp/standardlibrary/STLContainers.qll
+++ b/cpp/common/src/codingstandards/cpp/standardlibrary/STLContainers.qll
@@ -311,7 +311,7 @@ abstract class ContainerAccess extends VariableAccess {
   abstract Variable getOwningContainer();
 }
 
-pragma[noinline, nomagic]
+pragma[inline]
 private predicate localTaint(DataFlow::Node n1, DataFlow::Node n2) {
   TaintTracking::localTaint(n1, n2)
 }

From f89d9e0c358a7923accb6486eaf9d7d4c3dc028a Mon Sep 17 00:00:00 2001
From: Mauro Baluda <mbaluda@github.com>
Date: Fri, 26 Jun 2026 21:39:14 +0200
Subject: [PATCH 2/2] Fix formatting in select statement for EXP50-CPP rule

---
 ...tDependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql
index d12c7c4e7b..9de227bc88 100644
--- a/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql
+++ b/cpp/cert/src/rules/EXP50-CPP/DoNotDependOnTheOrderOfScalarObjectEvaluationForSideEffects.ql
@@ -33,5 +33,5 @@ where
   va1 = ve.getAnAccess() and
   FullExprOrdering::isUnsequenced(va1, va2) and
   v = va1.getTarget()
-select e, "Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@.",
-  v, v.getName(), ve, "side-effect", va2, "side-effect or value computation"
+select e, "Scalar object referenced by $@ has a $@ that is unsequenced relative to another $@.", v,
+  v.getName(), ve, "side-effect", va2, "side-effect or value computation"