llvm / llvm-project


False positive from `cplusplus.InnerPointer` with thread locals #59870

Open TedLyngmo opened 1 year ago

TedLyngmo commented 1 year ago
```cpp
#include <iostream>
#include <string>

const char* foo(int value) {
    thread_local std::string retval;

    retval = std::to_string(value);
    return retval.c_str();  // Pointer to inner buffer of 'std::string' obtained here
                            // Inner buffer of 'std::string' deallocated by call to destructor
                            // Inner pointer of container used after re/deallocation
}

int main(int argc, [[maybe_unused]] char* argv[]) {
    std::cout << foo(argc) << '\n';
}
```

The `thread_local std::string` is implicitly static, so the `const char*` will be valid for that thread until the next time the thread calls the function (and until the thread dies).
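The lifetime described in the report above, as an added example that is not part of the issue or of LLVM's code: the pointer survives the return, is unaffected by other threads, and a caller that needs the value across a second call copies it. All function names other than `foo` are hypothetical and chosen for this illustration.

```cpp
#include <cstring>
#include <string>
#include <thread>

// Same shape as foo() in the report above.
const char* foo(int value) {
    thread_local std::string retval;  // one instance per thread, destroyed at thread exit
    retval = std::to_string(value);
    return retval.c_str();
}

// Hypothetical helper: the pointer is still valid after foo() returns,
// because retval is not destroyed at the end of the call.
bool valid_after_return() {
    const char* p = foo(42);
    return std::strcmp(p, "42") == 0;
}

// Hypothetical helper: another thread calling foo() writes to its own retval,
// so this thread's pointer is untouched. The worker stores an owning copy
// before it exits, since its retval is destroyed when the thread ends.
bool other_thread_does_not_disturb(std::string& worker_copy) {
    const char* mine = foo(7);
    std::thread worker([&worker_copy] { worker_copy = foo(99); });
    worker.join();
    return std::strcmp(mine, "7") == 0;
}

// Hypothetical helper: the next call on the same thread reassigns retval,
// so a caller that needs the earlier value takes an owning copy first
// instead of holding the raw pointer across the second call.
std::string keep_across_calls() {
    std::string first = foo(1);   // owning copy
    std::string second = foo(2);  // reuses the same thread_local string
    return first + "," + second;
}

int main() {
    std::string w;
    bool ok = valid_after_return() && other_thread_does_not_disturb(w)
              && w == "99" && keep_across_calls() == "1,2";
    return ok ? 0 : 1;
}
```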

llvmbot commented 1 year ago

@llvm/issue-subscribers-clang-static-analyzer

haoNoQ commented 1 year ago

Yes, it's a bug, thanks a lot for a useful bug report! I suspect it's a general problem with thread locals, so not necessarily the checker's fault.