Roslyn: Nullable analysis should understand XOR null tests
Version Used: 3.3.0-beta1-19327-04
Steps to Reproduce:
```c#
string M1(object? o1, object? o2)
{
if (o1 == null && o2 == null)
return "both null";
if ((o1 == null) ^ (o2 == null))
return "one null";
// at this point neither o1 nor o2 are null
return o1.ToString() // CS8602 possible null dereference
+ o2.ToString(); // CS8602 possible null dereference
}
string M2(object? o1, object? o2)
{
if (o1 == null && o2 == null)
return "both null";
if (o1 == null)
return "o1 null";
if (o2 == null)
return "o2 null";
return o1.ToString() // no diagnostics in this case
+ o2.ToString();
}
```
Expected Behavior:
No diagnostics.
Actual Behavior:
Diagnostics.
drewnoakes
All 6 comments
Use != instead of ^? That's arguably more idiomatic for bools anyway. Although || has the same effect in your sample.
canton7
on 2 Jul 2019
Thanks. Several workarounds exist. This issue is tracking a gap in the product. It's not uncommon to see bitwise operators used on bools.
drewnoakes
on 2 Jul 2019
Our nullable analysis just doesn't learn anything in the WhenFalse case of o1 == null && o2 == null. I don't think it's realistic to start learning the "dependent" null relationship between variables (i.e. "at least one" of these variables was non-null, and "not exactly one" of these variables was non-null, therefore they're both non-null.)
I feel that in a scenario like this we should ask the user to change ^ to ||.
RikkiGibson
on 3 Jul 2019
To provide a little background, the compiler does what is usually referred to as a "path-independent flow analysis" for these situations. What this means practically is that conditional states are intersected at the end of the condition.
So
```C#
if (o1 == null && o2 == null) // cond 1
return "both null";
if ((o1 == null) ^ (o2 == null)) // cond 2
return "one null";
Is processed like
```C#
if (o1 == null &&
^ split o1 is null and not null
1) o1 is null
o2 == null
^ split o2 is null and not null
1) o2 is null
return
2) goto cond 2
2) goto cond 2
// cond 2
state = (o1 NotNull && o2 MaybeNull) /\ (o1 MaybeNull && o2 NotNull) = o1 MaybeNull && o2 MaybeNull
So because the states are intersected at cond 2, and in each state there is an o1 is MaybeNull and an o2 is MaybeNull, the resulting state is o1 is MaybeNull and o2 is MaybeNull. In other words, the condition doesn't actually tell the flow analysis anything new about the states of the variables.
One way to learn about the states would be to do what's called a "path-dependent" flow analysis, but that can be significantly more expensive and is not in the design of C# 8.
agocke
on 5 Jul 2019
Closing as out of scope of the design.
agocke
on 15 Dec 2019
Duplicate of https://github.com/dotnet/roslyn/issues/37344 (nullability analysis for single and-operator)
jcouv
on 16 Dec 2019
Related issues
NikChao
路
3Comments
vbcodec
路
3Comments
binki
路
3Comments
JesperTreetop
路
3Comments
AdamSpeight2008
路
3Comments
Most helpful comment
To provide a little background, the compiler does what is usually referred to as a "path-independent flow analysis" for these situations. What this means practically is that conditional states are intersected at the end of the condition.
So
```C#
if (o1 == null && o2 == null) // cond 1
return "both null";
if ((o1 == null) ^ (o2 == null)) // cond 2
return "one null";
So because the states are intersected at
cond 2, and in each state there is ano1 is MaybeNulland ano2 is MaybeNull, the resulting state iso1 is MaybeNullando2 is MaybeNull. In other words, the condition doesn't actually tell the flow analysis anything new about the states of the variables.One way to learn about the states would be to do what's called a "path-dependent" flow analysis, but that can be significantly more expensive and is not in the design of C# 8.