https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105948
--- Comment #1 from Benjamin Priour <vultkayn at gcc dot gnu.org> --- I'm writing a patch for this, and I've got support for non symbolic bounds. However, as I wrote my patch, a missing warning came up. Consider the test case: --- void var_too_short () { short s; long *lp = new (&s) long; /* { dg-warning "stack-based buffer overflow" } */ /* { dg-warning "allocated buffer size is not a multiple of the pointee's size" "" { target *-*-* } .-1 } */ } void static_buffer_too_short () { int n = 16; int buf[n]; int *p = new (buf) int[n + 1]; /* { dg-warning "stack-based buffer overflow" } */ /* (+) */ } --- In 'var_too_short', two warnings are emitted, second being from '-Wanalyzer-allocation-size', which makes sense. Then given the name of this warning, would it not also makes sense to emit it at (+) in 'static_buffer_too_short' ? Pointer 'p' is an int, and 'buf' is an array of int, so the buffer size is indeed a multiple size of 'p'. However, we know 'p' points to an area actually overflowing 'buf', so -Wanalyzer-allocation-size is reasonable there. What are your thoughts on that ?