From dfab1be55d9bf4449a3f333e30341383d2831906 Mon Sep 17 00:00:00 2001
From: chrchr-github <78114321+chrchr-github@users.noreply.github.com>
Date: Thu, 16 Oct 2025 14:33:35 +0200
Subject: [PATCH 1/6] Update forwardanalyzer.cpp

---
 lib/forwardanalyzer.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/forwardanalyzer.cpp b/lib/forwardanalyzer.cpp
index ebdfc70a50d..8b7bf6eabab 100644
--- a/lib/forwardanalyzer.cpp
+++ b/lib/forwardanalyzer.cpp
@@ -208,7 +208,7 @@ namespace {
                 bool checkThen, checkElse;
                 std::tie(checkThen, checkElse) = evalCond(condTok);
                 if (!checkThen && !checkElse) {
-                    if (!traverseUnknown && stopOnCondition(condTok) && stopUpdates()) {
+                    if (!traverseUnknown && stopOnCondition(condTok)) {
                         return Progress::Continue;
                     }
                     checkThen = true;

From 8e120161f5d62890296df46504d54455a02a493a Mon Sep 17 00:00:00 2001
From: chrchr-github <78114321+chrchr-github@users.noreply.github.com>
Date: Thu, 16 Oct 2025 14:36:03 +0200
Subject: [PATCH 2/6] Update testnullpointer.cpp

---
 test/testnullpointer.cpp | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/test/testnullpointer.cpp b/test/testnullpointer.cpp
index f4d0ca61813..79a9bb46e93 100644
--- a/test/testnullpointer.cpp
+++ b/test/testnullpointer.cpp
@@ -3392,6 +3392,20 @@ class TestNullPointer : public TestFixture {
               "  pointer = func(sizeof pointer[0]);\n"
               "}");
         ASSERT_EQUALS("", errout_str());
+
+        check("struct T {\n" // #14164
+              "    T* next;\n"
+              "    char op;\n"
+              "};\n"
+              "void h(int, char);\n"
+              "void g(const T* tok, bool b) {\n"
+              "    if (tok->op == '<') {\n"
+              "        while ((tok = tok->next) && tok->op != '>') {}\n"
+              "    }\n"
+              "    h(b ? 1 : 0, tok->op);\n"
+              "}\n");
+        ASSERT_EQUALS("[test.cpp:8:21] -> [test.cpp:10:18]: (warning) Either the condition 'tok=tok->next' is redundant or there is possible null pointer dereference: tok. [nullPointerRedundantCheck]\n",
+                      errout_str());
     }
 
     // Test CheckNullPointer::nullConstantDereference

From a51ab1e9d5bc4818ddc98ed8a00d05081a6009c9 Mon Sep 17 00:00:00 2001
From: chrchr-github <78114321+chrchr-github@users.noreply.github.com>
Date: Thu, 16 Oct 2025 16:17:11 +0200
Subject: [PATCH 3/6] Update forwardanalyzer.cpp

---
 lib/forwardanalyzer.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/forwardanalyzer.cpp b/lib/forwardanalyzer.cpp
index 8b7bf6eabab..c6330b8fb55 100644
--- a/lib/forwardanalyzer.cpp
+++ b/lib/forwardanalyzer.cpp
@@ -208,7 +208,9 @@ namespace {
                 bool checkThen, checkElse;
                 std::tie(checkThen, checkElse) = evalCond(condTok);
                 if (!checkThen && !checkElse) {
-                    if (!traverseUnknown && stopOnCondition(condTok)) {
+                    if (!traverseUnknown && stopOnCondition(condTok) && stopUpdates()) {
+                        if (tok->str() == "?")
+                            analyzeOnly = false;
                         return Progress::Continue;
                     }
                     checkThen = true;

From 692083a7d92134cc9b61c5a6a03d18b81f855a6a Mon Sep 17 00:00:00 2001
From: chrchr-github <noreply@github.com>
Date: Thu, 16 Oct 2025 19:55:16 +0200
Subject: [PATCH 4/6] Fix

---
 lib/forwardanalyzer.cpp  | 5 +++--
 test/testnullpointer.cpp | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/lib/forwardanalyzer.cpp b/lib/forwardanalyzer.cpp
index c6330b8fb55..4b71d77800c 100644
--- a/lib/forwardanalyzer.cpp
+++ b/lib/forwardanalyzer.cpp
@@ -208,11 +208,12 @@ namespace {
                 bool checkThen, checkElse;
                 std::tie(checkThen, checkElse) = evalCond(condTok);
                 if (!checkThen && !checkElse) {
+                    const bool oldAnalyzeOnly = analyzeOnly;
                     if (!traverseUnknown && stopOnCondition(condTok) && stopUpdates()) {
-                        if (tok->str() == "?")
-                            analyzeOnly = false;
                         return Progress::Continue;
                     }
+                    if (tok->str() == "?")
+                        analyzeOnly = oldAnalyzeOnly;
                     checkThen = true;
                     checkElse = true;
                 }
diff --git a/test/testnullpointer.cpp b/test/testnullpointer.cpp
index 79a9bb46e93..51692352271 100644
--- a/test/testnullpointer.cpp
+++ b/test/testnullpointer.cpp
@@ -3372,7 +3372,7 @@ class TestNullPointer : public TestFixture {
               "    if (!p) {}\n"
               "    return q ? p->x : 0;\n"
               "}");
-        TODO_ASSERT_EQUALS("[test.cpp:2] -> [test.cpp:3]: (warning) Either the condition '!p' is redundant or there is possible null pointer dereference: p.\n", "", errout_str());
+        ASSERT_EQUALS("[test.cpp:2:9] -> [test.cpp:3:16]: (warning) Either the condition '!p' is redundant or there is possible null pointer dereference: p. [nullPointerRedundantCheck]\n", errout_str());
 
         check("int f(ABC *p) {\n" // FP : return &&
               "    if (!p) {}\n"

From f097cab620d8a6071144f1c798de09debe432ea1 Mon Sep 17 00:00:00 2001
From: chrchr-github <noreply@github.com>
Date: Thu, 16 Oct 2025 21:41:23 +0200
Subject: [PATCH 5/6] Fix

---
 lib/checkcondition.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/checkcondition.cpp b/lib/checkcondition.cpp
index b5316dbee00..315ecceb4a2 100644
--- a/lib/checkcondition.cpp
+++ b/lib/checkcondition.cpp
@@ -1986,7 +1986,7 @@ void CheckCondition::checkCompareValueOutOfTypeRange()
                 default:
                     break;
                 }
-                if (bits == 0 || bits >= 64)
+                if (bits == 0 || bits >= 63)
                     continue;
 
                 const auto typeMinValue = (typeTok->valueType()->sign == ValueType::Sign::UNSIGNED) ? 0 : (-(1LL << (bits-1)));

From 2edc114d90552f0023186ca420d02a60bbfb229b Mon Sep 17 00:00:00 2001
From: chrchr-github <noreply@github.com>
Date: Tue, 28 Oct 2025 19:33:39 +0100
Subject: [PATCH 6/6] Fix

---
 lib/forwardanalyzer.cpp  | 5 +----
 test/testnullpointer.cpp | 4 +++-
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/lib/forwardanalyzer.cpp b/lib/forwardanalyzer.cpp
index 4b71d77800c..023a56c2496 100644
--- a/lib/forwardanalyzer.cpp
+++ b/lib/forwardanalyzer.cpp
@@ -208,12 +208,9 @@ namespace {
                 bool checkThen, checkElse;
                 std::tie(checkThen, checkElse) = evalCond(condTok);
                 if (!checkThen && !checkElse) {
-                    const bool oldAnalyzeOnly = analyzeOnly;
-                    if (!traverseUnknown && stopOnCondition(condTok) && stopUpdates()) {
+                    if (!traverseUnknown && stopOnCondition(condTok) && tok->str() != "?" && stopUpdates()) {
                         return Progress::Continue;
                     }
-                    if (tok->str() == "?")
-                        analyzeOnly = oldAnalyzeOnly;
                     checkThen = true;
                     checkElse = true;
                 }
diff --git a/test/testnullpointer.cpp b/test/testnullpointer.cpp
index 51692352271..f9ec1135fb6 100644
--- a/test/testnullpointer.cpp
+++ b/test/testnullpointer.cpp
@@ -1403,7 +1403,9 @@ class TestNullPointer : public TestFixture {
               "    if (x) p = q;\n"
               "    if (y ? p->x : p->y) { }\n"
               "}");
-        TODO_ASSERT_EQUALS("[test.cpp:4]: (warning) Possible null pointer dereference: p\n", "", errout_str());
+        ASSERT_EQUALS("[test.cpp:4:13]: (warning) Possible null pointer dereference: p [nullPointer]\n"
+                      "[test.cpp:4:20]: (warning) Possible null pointer dereference: p [nullPointer]\n",
+                      errout_str());
     }
 
     void nullpointer21() {  // #4038 - fp: if (x) p=q; else return;