From 830249d72e78fce7083fb0e4d364bf9d29316781 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= <daniel.marjamaki@gmail.com>
Date: Tue, 1 Apr 2014 07:06:20 +0200
Subject: [PATCH] Fixed #5510 (FP: nullPointer - variable initialized in
 function call)

---
 lib/valueflow.cpp      | 6 ++++++
 test/testvalueflow.cpp | 7 +++++++
 2 files changed, 13 insertions(+)

diff --git a/lib/valueflow.cpp b/lib/valueflow.cpp
index ee5bdf4e4..f2ea1d272 100644
--- a/lib/valueflow.cpp
+++ b/lib/valueflow.cpp
@@ -61,6 +61,12 @@ static bool bailoutFunctionPar(const Token *tok, const ValueFlow::Value &value,
     else
         return false;
 
+    // reinterpret_cast etc..
+    if (Token::Match(tok->tokAt(-3), "> ( & %var% ) [,)]") &&
+        tok->linkAt(-3) &&
+        Token::Match(tok->linkAt(-3)->tokAt(-2), "[,(] %type% <"))
+        tok = tok->linkAt(-3);
+
     // goto start of function call and get argnr
     unsigned int argnr = 0;
     while (tok && tok->str() != "(") {
diff --git a/test/testvalueflow.cpp b/test/testvalueflow.cpp
index 4a44a7a99..3c05389e0 100644
--- a/test/testvalueflow.cpp
+++ b/test/testvalueflow.cpp
@@ -513,6 +513,13 @@ private:
                "}";
         ASSERT_EQUALS(false, testValueOfX(code, 4U, 0));
 
+        code = "void f() {\n"
+               "    char *x = 0;\n"
+               "    getx(reinterpret_cast<void **>(&x));\n"
+               "    *x = 0;\n"
+               "}";
+        ASSERT_EQUALS(false, testValueOfX(code, 4U, 0));
+
         // if/else
         code = "void f() {\n"
                "    int x = 123;\n"