Contract.Requires not preventing a null reference warning (purple squiggly)
I am specifying in the constructor that the params are not null. The fields are private and there is no other code existing for static checking to wonder whether or not these fields are getting set to null.
Nevertheless, I am getting a warning from Visual Studio 2013 that they might be null.
CodeContracts: Possibly accessing a field on a null reference 'this.origin'
How can they ever be null? Is the static checker not able to figure this out, perhaps? Or am I not doing it right?
using System.Diagnostics.Contracts;
public class Link
{
private Shape origin;
private Shape destination;
public Link(Shape origin, Shape destination)
{
Contract.Requires(origin != null);
Contract.Requires(destination != null);
this.origin = origin;
this.destination = destination;
}
public string OriginID()
{
return origin.ID; // getting purple squiggly here
}
public string DestinationID()
{
return destination.ID; // getting purple squiggly here
}
}
EDIT:
They are gone now. My question stands though, because I don't know what I did to make them go away. I did not change anything in this class nor the project settings. It's just, at the time I got the warnings, one of my tests did not pass and now, all tests pass. That's the only difference between then and now. The changes to make the test pass were in another class, not this one.
Dependent upon your project settings, I do not believe the static checker is always able to work out the invariants on origin and destination.
There are several approaches which could be taken to resolve this warning:
ContractInvariantMethod
Add an explicit private method attributed with the ContractInvariantMethodAttribute and makes call to Contract.Invariant, e.g:
[ContractInvariantMethod]
private void ObjectInvariant()
{
Contract.Invariant(origin != null);
Contract.Invariant(destination != null);
}
This will inform the static checker that these invariants will never be violated, i.e. origin and destination will never be null.
readonly + Infer invariants for readonly
Mark both of the fields as readonly and in your code contract settings, ensure the Infer invariants for readonly option is checked for the static checker:
I personally tend to go for the ContractInvariantMethod approach but also mark my fields as readonly if they are only initialised upon instantiation, both approaches should work however.
- Is this declaration UB?
- return type defaults to 'int' [-Wimplicit-int]
- What is the scope of `fesetround()`?
- Which specific optimization flag causes libm functions to be treated as pure?
- How to render text in SDL2?
- Why would you use 'extern "C++"'?
- Strange Behavior Compiler Ignoring NULL Check Unless I Print Something in the if Statement
- Fast inverse square root using fixed point instead of floating point
- What is the const qualifier attached to in C: the memory area or the pointer?
- GCC options for strictest C code?
- How to do an explicit fall-through in C
- How do compilers treat CONST qualifier when the pointer points to a memory location obtained with malloc()?
- C: cmocka headers - how to unittest?
- Why in C when I print a double with a one decimal it round it to the next number
- Android C to Java SWIG unable to compile: incompatible types: byte cannot be converted to SWIGTYPE_p_uint8_t
- GNU Make in Ubuntu giving fatal error: rpc/types.h: No such file or directory
- How can I exclude non-numeric keys? CS50 Caesar Pset2
- How change every struct in an array of pointers?
- Optimized 2x2 matrix multiplication: Slow assembly versus fast SIMD
- Simple frame by frame video decoder library
- GCC no longer implements <varargs.h>
- Contents of IO buffer unknown == unsafe?
- Avoiding strcpy overflow destination warning
- Sort program not working, not sure why
- Fast & accurate atan/arctan approximation algorithm
- What's the difference between strtok_r and strtok_s in C?
- How memory address for pointer to arrays is same as an element in 2D array?
- Which is the best way to suppress "unused variable" warning
- How to use ellipsis in c's case statement?
- Fast ceiling of an integer division in C / C++