https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101415
Bug ID: 101415 Summary: [12 Regression] Bogus -Warray-bounds warning with stpcpy Product: gcc Version: 12.0 Status: UNCONFIRMED Keywords: diagnostic Severity: normal Priority: P3 Component: middle-end Assignee: unassigned at gcc dot gnu.org Reporter: fw at gcc dot gnu.org Target Milestone: --- This (derived from the glibc function of the same name): char * nis_local_group (char *cptr) { static char __nisgroup[1025]; if (*cptr != '\0' && __builtin_strlen (cptr) < 1024) { char *cp = __builtin_stpcpy (__nisgroup, cptr); if (cp[-1] != '.') __builtin_abort (); } return __nisgroup; } results in /tmp/t.c: In function ‘nis_local_group’: /tmp/t.c:10:13: error: array subscript -1 is outside array bounds of ‘char[1025] ’ [-Werror=array-bounds] 10 | if (cp[-1] != '.') | ~~^~~~ /tmp/t.c:4:15: note: at offset -1 into object ‘__nisgroup’ of size 1025 4 | static char __nisgroup[1025]; | ^~~~~~~~~~ with -O2 -Wall on x86-64 gcc version 12.0.0 20210711 (experimental) [master revision :97a8a2829:269256f33c51222167ad461f775d5468bb5ecaf5]. The warning is bogus because stpcpy returns a pointer to the NUL byte, which is not at the first byte of __nisgroup after the stpcpy. The glibc original does not have this check, so it is buggy, but the warning seems overly aggressive if it cannot detect non-empty strings for stpcpy.