FPs and FNs in the Symbolic Execution rules when null coalescing is combined with arithmetic expressions because we do not support constraints on integers

[ChaosCrafter]

When an IF statement uses the null conditional rule and (or?) the null coalescing operator then the else path is not marked as cannot be null, resulting in false S2259 messages.

Eg.

if ((x?.value??0)==0)
{ // this happens if x is null, x.value is null or x.value == 0
}
else
{ // this part can't be called if x is null or x.value is null
  text = $"{x.value} items";
}

In this example, the line
text = $"{x.value} items";
gets a message S2259 'x' is null on at least one execution path.
Unless I'm misunderstanding something, that is not true.

[andrei-epure-sonarsource]

This is most likely a duplicate of #2361 which got fixed during this sprint, it needs to be reviewed and confirmed it got fixed.

[christophe-zurn-sonarsource]

@andrei-epure-sonarsource I had a look and this is not actually a duplicate of #2361. The issue here comes from the fact that we do not support constraints on integers in the symbolic execution engine.
Basically, when (x?.value??0)==0 is false, this indeed implies that x is not null, but since we do not track integers, we cannot infer the non-nullability of x from the equals comparing integers.

A simpler reproducer for this FP:

class ValueHolder
{
  public int? value;
}

string Foo(ValueHolder x)
{
  if ((x == null ? 0 : 1) == 0)
  {
    return "x is null";
  }
  else
  {
    return $"{x.value} items";
  }
}

[andrei-epure-sonarsource]

Another repro for this FP on community.

And this can also manifest as a False Negative in S2583/S2589, e.g.

    public class Repro_2528
    {
        public int Count { get; }
        public int Foo()
        {
            Repro_2528 x = null;
            if (x == null) { } // Noncompliant
            if ((x?.Count ?? 0) == 0) // FN
            {
                return -1;
            }

            return 1;
        }
    }

[pavel-mikula-sonarsource]

Another repro, from #4537

        private void Sample()
        {
            string someString = null;

            if (!someString?.Contains("a") ?? true)
                Console.WriteLine("It's null or doesn't contain 'a'");
            else
                Console.WriteLine(someString.Length); //S2259 reported here
        }

[andrei-epure-sonarsource]

@pavel-mikula-sonarsource I guess after adding this reproducer, the title should be updated as well? currently it's "... because we do not support constraints on integers" ?

LE: actually I saw your update on the #4537 (comment) , so there's a separate ticket tracking this (#4537)

[bkromhout]

Can confirm we're also seeing this in our source. We don't want to disable SS2259, but alternatives are either suppressing in source (gross), or adding redundant null checks (annoying). Please consider finding a way to address this soon, it's been two years since it was initially reported.

[Simply-Coder]

I am also facing same error while using sonar cloud on below line. What would be fix from sonar cloud?

Var httpconnectextension= httpAccrssor.HttpContext==null?null: Httpconnectextension.current;

[pavel-mikula-sonarsource]

We should take #4537 first to see if it fixes this one too