From f26bc6a75cc93969b88704763bc0013645655891 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= <danielm77@spray.se>
Date: Sun, 13 Mar 2011 10:34:54 +0100
Subject: [PATCH] Fixed #2621 (Segmentation fault for GCC statement expression)

---
 lib/checknullpointer.cpp | 5 ++++-
 test/testnullpointer.cpp | 9 +++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/lib/checknullpointer.cpp b/lib/checknullpointer.cpp
index 9285cef5f..bc8324e79 100644
--- a/lib/checknullpointer.cpp
+++ b/lib/checknullpointer.cpp
@@ -635,7 +635,10 @@ void CheckNullPointer::nullPointerByCheckAndDeRef()
                 null = false;
 
                 // start token = first token after the if/while body
-                tok1 = tok1->previous()->link()->next();
+                tok1 = tok1->previous()->link();
+                tok1 = tok1 ? tok1->next() : NULL;
+                if (!tok1)
+                    continue;
             }
 
             // Name of the pointer
diff --git a/test/testnullpointer.cpp b/test/testnullpointer.cpp
index 2b34878d6..2a1cd7a17 100644
--- a/test/testnullpointer.cpp
+++ b/test/testnullpointer.cpp
@@ -46,6 +46,7 @@ private:
         TEST_CASE(nullpointer9);
         TEST_CASE(pointerCheckAndDeRef);	// check if pointer is null and then dereference it
         TEST_CASE(nullConstantDereference);		// Dereference NULL constant
+        TEST_CASE(gcc_statement_expression);    // Don't crash
     }
 
     void check(const char code[])
@@ -1003,6 +1004,14 @@ private:
 
     }
 
+    void gcc_statement_expression()
+    {
+        // Ticket #2621
+        check("void f(struct ABC *abc) {\n"
+              "    ({ if (abc) dbg(); })\n"
+              "}");
+        ASSERT_EQUALS("", errout.str());
+    }
 };
 
 REGISTER_TEST(TestNullPointer)