Update handling of annotations on varargs argument

[msridhar]

See #708 (comment) for an overview, and #674 (comment) for all the details of how annotations on the varargs argument are now checked by NullAway. Reproduced from #674 (comment), here are the updated behaviors for different types of annotations on the varargs formal parameter (Update the table is slightly tweaked from the previous comment; this table now matches the current thinking / implementation):

Annotation Type	Annotation Position	Mode	@Nullable varargs array	@Nullable array elements	@Nullable args at calls
declaration	-	standard	❌	❌	✅
declaration	-	legacy	✅	❌	✅
declaration	-	JSpecify	❌	✅	✅
type use	before ...	standard	✅	❌	❌
type use	before ...	legacy	✅	❌	✅
type use	before ...	JSpecify	✅	❌	❌
type use	elements	standard	❌	❌	✅
type use	elements	legacy	✅	❌	✅
type use	elements	JSpecify	❌	✅	✅
type use	both	standard	✅	❌	✅
type use	both	legacy	✅	❌	✅
type use	both	JSpecify	✅	✅	✅
both	before ...	standard	✅	❌	❌
both	before ...	legacy	✅	❌	✅
both	before ...	JSpecify	✅	❌	❌
both	elements	standard	❌	❌	✅
both	elements	legacy	✅	❌	✅
both	elements	JSpecify	❌	✅	✅
both	both	standard	✅	❌	✅
both	both	legacy	✅	❌	✅
both	both	JSpecify	✅	✅	✅

"@Nullable varargs array" means that the varargs array is treated as @Nullable within the method body, and a @Nullable array can be passed at call sites. "@Nullable array elements" means that elements of the varargs array are treated as @Nullable within the method body (only relevant in JSpecify mode). And, "@Nullable args at calls" means that individual arguments passed in the varargs position at call sites may be @Nullable.

Fixes #674

[codecov]

Codecov Report

Attention: Patch coverage is 97.43590% with 1 line in your changes missing coverage. Please review.

Project coverage is 86.06%. Comparing base (0d500cc) to head (535af4f).
Report is 1 commits behind head on master.

Files with missing lines	Patch %	Lines
...away/src/main/java/com/uber/nullaway/NullAway.java	95.45%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##             master    #1025      +/-   ##
============================================
+ Coverage     86.00%   86.06%   +0.06%     
- Complexity     2091     2110      +19     
============================================
  Files            83       83              
  Lines          6908     6932      +24     
  Branches       1331     1344      +13     
============================================
+ Hits           5941     5966      +25     
+ Misses          551      550       -1     
  Partials        416      416              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[lazaroclapp]

Ok, left comments/nits as I went along, including suggestions of comments/naming that make things more readable for me, but which you can ultimately accept or ignored as desired.

Overall this LGTM, a few questions inline, that can be addressed in follow ups and also:

Do we have any tests checking that when given a JSpecify annotation we always act as in JSpecify mode? I saw that in one of the discussion comments, but not the tests.

[lazaroclapp]

This is still the case, right? Is just that now NullAway can prove this statically?

[msridhar]

Correct, javac's initialized variables check now proves it (along with the fact that we never assign null to the variable)

[lazaroclapp]

Shouldn't we be checking in here that the elements are @Nullable? By adding the for loop and trying to deref `other? Or is the table saying that in JSpecify mode (and every mode other than legacy) we don't check declaration annotations (but acknowledge them for call sites)?

[msridhar]

I did add the test in bc46f2e. And I have now changed the logic so that we get an error, in 6b622c7. Great catch! My table didn't have this case as an error before, due to an attempt to make treatment of array types identical for regular arrays and varargs arrays. But there are already other cases where we don't have identical treatment. And the previous table made a @Nullable declaration annotation a no-op within the method body, which could be confusing. So this is now fixed, and I will update the table accordingly.

[lazaroclapp]

Again, why isn't this an error in JSpecify mode? Isn't the initialization here an array of 10 null references?

[msridhar]

Yes, this is again due to unsound handling of array initializers, see previous comment

[msridhar]

Thanks a lot for the detailed review @lazaroclapp!

[msridhar]

Correct, javac's initialized variables check now proves it (along with the fact that we never assign null to the variable)

[msridhar]

Yup, added in 71301a3

[msridhar]

That reasoning only occurs in JSpecify mode. It is tested in JSpecifyVarargsTests#typeUseAndDeclarationOnBoth and in other methods in that class.

[msridhar]

This is a separate issue, which is around checking of array initialization. By default, thus far, we have been unsound and not checked for initialization of array elements at all. Checking that array elements (for an array of @NonNull references) are initialized before they are used would be challenging and likely lead to many false positives. The Checker Framework Nullness Checker also handles array initialization unsoundly by default; see here. We should probably document this in our JSpecify mode documentation.

[msridhar]

I did add the test in bc46f2e. And I have now changed the logic so that we get an error, in 6b622c7. Great catch! My table didn't have this case as an error before, due to an attempt to make treatment of array types identical for regular arrays and varargs arrays. But there are already other cases where we don't have identical treatment. And the previous table made a @Nullable declaration annotation a no-op within the method body, which could be confusing. So this is now fixed, and I will update the table accordingly.

[msridhar]

Yes, this is again due to unsound handling of array initializers, see previous comment

[lazaroclapp]

Changes make sense to me!