Python: add new shared-CFG-backed control flow graph (additive) #21921

Draft
yoff wants to merge 3 commits into main from yoff/python-add-new-cfg-library

Python: model exception edges for raise-prone expressions inside try/…

05aae21
GitHub Advanced Security / CodeQL completed Jun 25, 2026 in 9s

6 configurations not found

Warning: Code scanning may not have found all the alerts introduced by this pull request, because 6 configurations present on refs/heads/main were not found:

Actions workflow (rust-analysis.yml)

  • ❓  .github/workflows/rust-analysis.yml:analyze/language:rust

Actions workflow (csv-coverage-metrics.yml)

  • ❓  .github/workflows/csv-coverage-metrics.yml:publish-csharp
  • ❓  .github/workflows/csv-coverage-metrics.yml:publish-java

Actions workflow (codeql-analysis.yml)

  • ❓  .github/workflows/codeql-analysis.yml:CodeQL-Build/language:actions
  • ❓  .github/workflows/codeql-analysis.yml:CodeQL-Build/language:csharp

Actions workflow (cpp-swift-analysis.yml)

  • ❓  .github/workflows/cpp-swift-analysis.yml:CodeQL-Build

New alerts in code changed by this pull request

  • 27 warnings

See annotations below for details.

Annotations

Check warning on line 34 in python/ql/lib/semmle/python/controlflow/internal/AstNodeImpl.qll

Code scanning / CodeQL

Names only differing by case Warning

Ast is only different by casing from AST that is used elsewhere for modules.

Check warning on line 170 in python/ql/lib/semmle/python/controlflow/internal/AstNodeImpl.qll

Misspelling Warning

This comment contains the non-US spelling 'modelled', which should instead be 'modeled'.

Check warning on line 768 in python/ql/lib/semmle/python/controlflow/internal/AstNodeImpl.qll

Misspelling Warning

This comment contains the non-US spelling 'modelled', which should instead be 'modeled'.

Check warning on line 1216 in python/ql/lib/semmle/python/controlflow/internal/AstNodeImpl.qll

Misspelling Warning

This comment contains the non-US spelling 'modelled', which should instead be 'modeled'.

Check warning on line 1572 in python/ql/lib/semmle/python/controlflow/internal/AstNodeImpl.qll

Misspelling Warning

This comment contains the non-US spelling 'modelled', which should instead be 'modeled'.
This comment contains the non-US spelling 'modelling', which should instead be 'modeling'.

Check warning on line 1573 in python/ql/lib/semmle/python/controlflow/internal/AstNodeImpl.qll

Missing QLDoc for parameter Warning

The QLDoc has no documentation for e, but the QLDoc mentions assert, and await, and raise, and yield

Check warning on line 1618 in python/ql/lib/semmle/python/controlflow/internal/AstNodeImpl.qll

Missing QLDoc for parameter Warning

The QLDoc has no documentation for py, but the QLDoc mentions finally, and try, and with

Check warning on line 1631 in python/ql/lib/semmle/python/controlflow/internal/AstNodeImpl.qll

Misspelling Warning

This comment contains the non-US spelling 'modelling', which should instead be 'modeling'.

Check warning on line 115 in python/ql/lib/semmle/python/controlflow/internal/Cfg.qll

Cannot inline predicate across overlay frontier Warning

This possibly local non-private inline predicate will not be inlined across the overlay frontier. This may negatively affect evaluation performance. Consider adding an overlay[caller] or overlay[caller?] annotation to allow inlining across the overlay frontier. Note that adding an overlay[caller] or overlay[caller?] annotation affects semantics under overlay evaluation.

Check warning on line 119 in python/ql/lib/semmle/python/controlflow/internal/Cfg.qll

Cannot inline predicate across overlay frontier Warning

This possibly local non-private inline predicate will not be inlined across the overlay frontier. This may negatively affect evaluation performance. Consider adding an overlay[caller] or overlay[caller?] annotation to allow inlining across the overlay frontier. Note that adding an overlay[caller] or overlay[caller?] annotation affects semantics under overlay evaluation.

Check warning on line 937 in python/ql/lib/semmle/python/controlflow/internal/Cfg.qll

Class QLDoc style Warning

The QLDoc for a class should start with 'A', 'An', or 'The'.

Check warning on line 4 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgAllLiveReachable.ql

Redundant import Warning test

Redundant import, the module is already imported inside NewCfgImpl.

Check warning on line 8 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgAnnotationHasCfgNode.ql

Redundant import Warning test

Redundant import, the module is already imported inside NewCfgImpl.

Check warning on line 15 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgBasicBlockAnnotationGap.ql

Redundant import Warning test

Redundant import, the module is already imported inside NewCfgImpl.

Check warning on line 10 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgBasicBlockOrdering.ql

Redundant import Warning test

Redundant import, the module is already imported inside NewCfgImpl.

Check warning on line 33 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgBranchTimestamps.ql

Misspelling Warning test

This comment contains the non-US spelling 'modelled', which should instead be 'modeled'.

Check warning on line 36 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgBranchTimestamps.ql

Redundant import Warning test

Redundant import, the module is already imported inside NewCfgImpl.

Check warning on line 11 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgConsecutivePredecessorTimestamps.ql

Redundant import Warning test

Redundant import, the module is already imported inside NewCfgImpl.

Check warning on line 18 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgConsecutiveTimestamps.ql

Redundant import Warning test

Redundant import, the module is already imported inside NewCfgImpl.

Check warning on line 6 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgImpl.qll

Names only differing by case Warning test

Py is only different by casing from PY that is used elsewhere for modules.

Check warning on line 78 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgImpl.qll

Omittable 'exists' variable Warning test

This exists variable can be omitted by using a don't-care expression in this argument.

Check warning on line 11 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgNeverReachable.ql

Redundant import Warning test

Redundant import, the module is already imported inside NewCfgImpl.

Check warning on line 11 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgNoBackwardFlow.ql

Redundant import Warning test

Redundant import, the module is already imported inside NewCfgImpl.

Check warning on line 8 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgNoBasicBlock.ql

Redundant import Warning test

Redundant import, the module is already imported inside NewCfgImpl.

Check warning on line 10 in python/ql/test/library-tests/ControlFlow/evaluation-order/NewCfgNoSharedReachable.ql

Redundant import Warning test

Redundant import, the module is already imported inside NewCfgImpl.