Java: Fix performance issue in type flow library#21987
Open
hvitved wants to merge 3 commits into
Open
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
aschackmull
reviewed
Jun 15, 2026
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
aschackmull
reviewed
Jun 15, 2026
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
Contributor
Author
Rerun has been triggered: 2 restarted 🚀 |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR addresses the Java/Kotlin analysis performance regression described in #21874 by adding an optional, language-provided node-identifier hook to the shared type flow framework so ranking can avoid degenerating when many nodes share the same location (for example, compiler-generated Kotlin methods).
Changes:
- Adds optional node ID predicates to
UniversalFlowInputandTypeFlowInputto allow stable, language-specific ranking with a location-based fallback. - Wires the new hook through the shared
TypeFlowImpladapter soTypeFlowcan pass language-provided IDs intoUniversalFlow. - Implements/provides a Java-side node ID strategy and threads it into affected Java libraries/modules.
Show a summary per file
| File | Description |
|---|---|
| shared/typeflow/codeql/typeflow/UniversalFlow.qll | Adds an optional getFlowNodeId hook and updates ranking to use it with a location fallback. |
| shared/typeflow/codeql/typeflow/TypeFlow.qll | Adds an optional getTypeFlowNodeId hook to the TypeFlow input signature. |
| shared/typeflow/codeql/typeflow/internal/TypeFlowImpl.qll | Connects TypeFlowInput.getTypeFlowNodeId into the universal-flow adapter layer. |
| java/ql/lib/semmle/code/java/security/ListOfConstantsSanitizer.qll | Plumbs Java’s flow-node ID into the module’s UniversalFlow input. |
| java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll | Adds a Java implementation of getFlowNodeId and exposes it via getTypeFlowNodeId. |
Copilot's findings
- Files reviewed: 5/5 changed files
- Comments generated: 3
Comment on lines
+48
to
+51
| /** | ||
| * Gets an identifier for node `n`, if any. When not implemented for a given node, | ||
| * the library will use location-based ranking. | ||
| */ |
Comment on lines
+32
to
+35
| /** | ||
| * Gets an identifier for node `n`, if any. When not implemented for a given node, | ||
| * the library will use location-based ranking. | ||
| */ |
| a = 0 and | ||
| idOf(n0.asField(), b) | ||
| or | ||
| // no case for `n0.asSsa()`; here we rely on the built-in location-based ranking |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR fixes the performance issue reported here.
The issue is that
UniversalFlow.qlluses purely location-based ranking, which doesn't work well when many entities have the same location information (as is the case for certain compiler-generated methods in Kotlin). The fix is to add an escape hatch toUniversalFlow.qll(andTypeFlow.qll), which allows for language-specific ranking.