http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54582
--- Comment #7 from Jakub Jelinek <jakub at gcc dot gnu.org> 2013-02-06
13:25:29 UTC ---
Because object sizes are finalized only during the objsz pass, after lots of
optimization passes. Note, as I said earlier, what matters most is that the
check is performed at runtime in that case and thus the source code bug can't
be exploited. The warning is just to let the user know earlier than at
runtime, when easily possible.
-D_FORTIFY_SOURCE{,=2} is done using inline functions, so the FE pretty much
never knows the object size, you need inlining and various propagations (plus
for many cases also the objsz pass that propagates the object size properties
through the IL). In the FE you could do it only if all the fortification
functions were preprocessor macros, and handle only the most simple cases.
