Infer# is an interprocedural and scalable static code analyzer for C#. Via the capabilities of Facebook's Infer, this tool detects null dereferences, resource leaks, and thread-safety violations. It also performs taint flow tracking to detect critical security vulnerabilities like SQL injections.
Investigate a false positive having to do with variable addressing:
method(int i, out string c) { this.method2(i, out c); return c != null }
reporting on c being a null dereference.