This isn’t a Static Analyzer issue. Could you please remove that tag? -Wreturn-stack-address is implemented by a Sema diagnostic at around SemaInit.cpp.
BTW to have a warning for the missing cases, I think it would need to use some sort of lifetime analysis. @Xazax-hun probably knows about this more.
I think this was the post about the lifetime annotations stuff.
Doesn’t that depend on the implementation? libc++ has a short string optimisation, and I believe "some text" is short enough to fit on 64-bit architectures. Presumably for std::ostringstream it’s complaining about the temporary std::string created by str() potentially doing the same, though Clang may not be smart enough (and probably shouldn’t be in diagnostics?) to know that it’s not being hit and is instead returning heap-allocated memory (which of course is also being deleted, but that’s not what the warning is about, and that’s harder to prove things about).
Basically you are right, it’s of course implementation dependent
Then, returning a char* from an instance method after the class goes out of scope doesn’t seem to me to be a good practice and I consider it as quite risky. Of couse this would not apply if the “wrapper” function returned a class (string, .or other ) instead of a char*.
Plus in my case: I have to take over sources of about 1M loc where all warnings have been desactivated for a couple of years. So I’d prefer false positives.