mirror of
https://github.com/github/codeql.git
synced 2026-07-01 01:25:33 +02:00
The `instanceFieldStep` disjunct of `TypeTrackingInput::levelStepCall` that was added in 7.2.0 uses `classInstanceTracker(cls)` -- which is itself a type-tracker -- inside `levelStepCall`. That creates a structural mutual recursion between the main type-tracker fixpoint and `classInstanceTracker`, causing the type-tracker delta to blow up to ~100M tuples per iteration on some OOP-heavy Python codebases. Verified on the python/mypy database: SSRF query wall time goes from ~12s before the offending commit to >40 minutes after it. This hotfix temporarily drops the `instanceFieldStep` disjunct and keeps only `inheritedFieldStep`, which does not pull on the call graph and is well-behaved (verified at ~12s on mypy). The `instanceFieldStep` helper predicate itself is kept in place, and the `levelStepCall` body has a commented-out call to it so the change is trivial to re-enable once the recursion issue is properly addressed.