https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107677

--- Comment #6 from Richard Biener <rguenth at gcc dot gnu.org> ---
If you supply a runtime index or pointer offset GCC tries to constrain that
value.  If it can constrain the index or pointer offset such that the access
would always be out of the bounds of an array that is accessed or offsetted
then this is an "always out of bounds" access to the diagnostic.

Consider

 int a[3];
 if (n > 1)
   return a[n];

here we'd constrain n to be in the range [2, INT_MAX] and _not_ diagnose
the a[n] reference (because '2' would be a valid index).  That's done to
not make imperfect range analysis cause diagnostics all over the place.

The most common reason for false positives is instead code that's never
executed at runtime but the intermediate language GCC works on allowed it
to constrain an access enough.  That's either a missed optimization in
case GCC should have been able to see it's eliminatable dead code it
warns on or "unfortunate" in that it cannot.  Often the constraints GCC
uses result from other optimizations that duplicate code.

Confusing is how GCC tries to second-guess the actual array you are
accessing when it just sees pointer arithmetic instead of clearly
communicating the offsetting of a pointer.
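
An added example, not part of the comment and not GCC's code: a C sketch of the rule described above, next to the comment's `a[n]` snippet and a bounds-checked form. The names `classify`, `get_lower_only` and `get_checked`, and the array contents, are constructed for illustration; `classify` is a simplified model of "diagnose only when the whole range is out of bounds".

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

enum verdict { MAYBE_IN_BOUNDS, ALWAYS_OUT_OF_BOUNDS };

/* Simplified model (an assumption, not GCC's implementation) of the rule in
 * the comment: report only when every value in the index range [lo, hi]
 * lies outside the valid indices [0, nelts). */
enum verdict classify(long lo, long hi, long nelts)
{
    return (lo >= nelts || hi < 0) ? ALWAYS_OUT_OF_BOUNDS : MAYBE_IN_BOUNDS;
}

static int a[3] = { 10, 20, 30 };          /* constructed sample data */
#define NELTS (sizeof a / sizeof a[0])

/* The comment's snippet: n is constrained to [2, INT_MAX]. Index 2 is
 * valid, so the access is not diagnosed, yet any n >= 3 still reads out
 * of bounds at run time. */
int get_lower_only(int n)
{
    if (n > 1)
        return a[n];
    return -1;
}

/* Bounds-checked form: reject anything outside [0, NELTS) before indexing,
 * so safety does not depend on whether a warning was issued. */
int get_checked(int n, int *out)
{
    if (n < 0 || (size_t)n >= NELTS)
        return -1;
    *out = a[n];
    return 0;
}

int main(void)
{
    int v = 0;
    printf("range of n > 1: verdict %d\n", classify(2, INT_MAX, 3));
    printf("range of n > 2: verdict %d\n", classify(3, INT_MAX, 3));
    printf("get_checked(3): %d\n", get_checked(3, &v));
    return 0;
}
```

A silent build of `get_lower_only` therefore says nothing about indices 3 and above; only the explicit check in `get_checked` covers them.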
