Merge branch 'main' into 13332-codeql-model-editor-csharp

Author: felicitymay

cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll

@@ -2359,6 +2359,47 @@ class TranslatedDestructorFieldDestruction extends TranslatedNonConstantExpr, St
   private TranslatedExpr getDestructorCall() { result = getTranslatedExpr(expr.getExpr()) }
 }
 
+/**
+ * The IR translation of a vacuous destructor call. That is, an expression that
+ * looks like a destructor call, but has no effect.
+ *
+ * Note that, even though there's no destructor call, we should still evaluate
+ * the qualifier.
+ */
+class TranslatedVacuousDestructorCall extends TranslatedNonConstantExpr {
+  override VacuousDestructorCall expr;
+
+  override Instruction getInstructionSuccessorInternal(InstructionTag tag, EdgeKind kind) { none() }
+
+  final TranslatedExpr getQualifier() {
+    result = getTranslatedExpr(expr.getQualifier().getFullyConverted())
+  }
+
+  override Instruction getFirstInstruction(EdgeKind kind) {
+    result = this.getQualifier().getFirstInstruction(kind)
+  }
+
+  override Instruction getChildSuccessorInternal(TranslatedElement child, EdgeKind kind) {
+    child = this.getQualifier() and
+    result = this.getParent().getChildSuccessor(this, kind)
+  }
+
+  override TranslatedElement getChildInternal(int id) {
+    id = 0 and
+    result = this.getQualifier()
+  }
+
+  override Instruction getResult() { none() }
+
+  override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) {
+    none()
+  }
+
+  override Instruction getALastInstructionInternal() {
+    result = this.getQualifier().getALastInstruction()
+  }
+}
+
 /**
  * The IR translation of the `?:` operator. This class has the portions of the implementation that
  * are shared between the standard three-operand form (`a ? b : c`) and the GCC-extension

cpp/ql/lib/semmle/code/cpp/ir/internal/CppType.qll

@@ -11,7 +11,7 @@ private int getTypeSizeWorkaround(Type type) {
   exists(Type unspecifiedType |
     unspecifiedType = type.getUnspecifiedType() and
     (
-      unspecifiedType instanceof FunctionReferenceType and
+      (unspecifiedType instanceof FunctionReferenceType or unspecifiedType instanceof RoutineType) and
       result = getPointerSize()
       or
       exists(PointerToMemberType ptmType |
@@ -176,7 +176,7 @@ private IRType getIRTypeForPRValue(Type type) {
     isPointerIshType(unspecifiedType) and
     result.(IRAddressType).getByteSize() = getTypeSize(unspecifiedType)
     or
-    unspecifiedType instanceof FunctionPointerIshType and
+    (unspecifiedType instanceof FunctionPointerIshType or unspecifiedType instanceof RoutineType) and
     result.(IRFunctionAddressType).getByteSize() = getTypeSize(type)
     or
     unspecifiedType instanceof VoidType and result instanceof IRVoidType

cpp/ql/test/library-tests/ir/ir/PrintAST.expected

@@ -2189,6 +2189,26 @@ void static_variable_with_destructor_3() {
 
 static ClassWithDestructor global_class_with_destructor;
 
+namespace vacuous_destructor_call {
+    template<typename T>
+    T& get(T& t) { return t; }
+
+    template<typename T>
+    void call_destructor(T& t) {
+        get(t).~T();
+    }
+
+    void non_vacuous_destructor_call() {
+        ClassWithDestructor c;
+        call_destructor(c);
+    }
+
+    void vacuous_destructor_call() {
+        int i;
+        call_destructor(i);
+    }
+}
+
 void TryCatchDestructors(bool b) {
   try {
     String s;
@@ -2296,4 +2316,19 @@ void VoidReturnDestructors() {
     return VoidFunc();
 }
 
+namespace return_routine_type {
+    struct HasVoidToIntFunc
+    {
+        void VoidToInt(int);
+    };
+
+    typedef void (HasVoidToIntFunc::*VoidToIntMemberFunc)(int);
+
+    static VoidToIntMemberFunc GetVoidToIntFunc()
+    {
+        return &HasVoidToIntFunc::VoidToInt;
+    }
+
+}
+
 // semmle-extractor-options: -std=c++20 --clang