https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96766
--- Comment #2 from Jonathan Wakely <redi at gcc dot gnu.org> --- This is clang's stupid "unsigned overflow" sanitizer, which complains about correct code. The conversion here is intended, and does exactly the right thing, converting numeric_limits<size_t>::max() to numeric_limits<unsigned char>::max().
