https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106901

--- Comment #5 from Carlos Galvez <carlosgalvezp at gmail dot com> ---
I also would like to understand why the warning is not triggered if the first
"if (size < expected_size)" is removed. 

https://godbolt.org/z/7vqPxhsqo

The possibility of executing the loop and going out of bounds still exists, right?
So why is the compiler warning in one case and not the other?

Similarly, a regular for-loop with "size" known at runtime is equally risky,
yet the compiler is not flagging it:

#include <array>
#include <cstddef>

bool bar(std::array<int, 5> const& vec,
         std::size_t const size)
{
    for (std::size_t i{0}; i < size; ++i)
    {
        if (vec[i] != 0)
        {
            return false;
        }
    }
    return true;
}

https://godbolt.org/z/6c64MEY7d

Personally, I think this warning should only warn about 100% confirmed OOB
cases, and put the "maybe" cases in a separate flag. All respectable projects
have as a minimum "-Wall -Werror" in their compiler flags, to detect problems
that do exist, not that "might" exist. This can lead to quite a few false
positives, leading to people either disabling the warning altogether (which is
pretty bad!) or polluting the code with inline pragmas (disallowed by some
coding guidelines).
