[analyzer] Fix bug in isInevitablySinking

If the non-sink report is generated at the exit node, it will be
suppressed by the current functionality in isInevitablySinking, as it
only checks the successors of the block, but not the block itself.

The bug shows up in RetainCountChecker checks.

Differential Revision: https://reviews.llvm.org/D52284

llvm-svn: 342766

diff --git a/clang/lib/StaticAnalyzer/Core/BugReporter.cpp b/clang/lib/StaticAnalyzer/Core/BugReporter.cpp
index 483fb50..048c8aa 100644 (file)
--- a/clang/lib/StaticAnalyzer/Core/BugReporter.cpp
+++ b/clang/lib/StaticAnalyzer/Core/BugReporter.cpp
@@ -2812,16 +2812,15 @@ static bool isInevitablySinking(const ExplodedNode *N) {
     DFSWorkList.pop_back();
     Visited.insert(Blk);
 
+    // If at least one path reaches the CFG exit, it means that control is
+    // returned to the caller. For now, say that we are not sure what
+    // happens next. If necessary, this can be improved to analyze
+    // the parent StackFrameContext's call site in a similar manner.
+    if (Blk == &Cfg.getExit())
+      return false;
+
     for (const auto &Succ : Blk->succs()) {
       if (const CFGBlock *SuccBlk = Succ.getReachableBlock()) {
-        if (SuccBlk == &Cfg.getExit()) {
-          // If at least one path reaches the CFG exit, it means that control is
-          // returned to the caller. For now, say that we are not sure what
-          // happens next. If necessary, this can be improved to analyze
-          // the parent StackFrameContext's call site in a similar manner.
-          return false;
-        }
-
         if (!isImmediateSinkBlock(SuccBlk) && !Visited.count(SuccBlk)) {
           // If the block has reachable child blocks that aren't no-return,
           // add them to the worklist.