https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112314
--- Comment #2 from Jose Dapena Paz <jdapena at igalia dot com> ---
(In reply to Jonathan Wakely from comment #1)
> For the second one, I did start work on a patch that attempts to verify that
> the provided length is not more than __builtin_object_size. I can't remember
> why I stopped working on that. There's no way to make that check 100%
> reliable, because __builtin_object_size depends on optimizations and whether
> the compiler can see enough data.

I guess in this case a "best-effort" approach could be good enough? Providing there are no false positives asserting for actually valid calls. In the case of Chromium unit test it is passing a predefined const char[] so, at least making sure those cases are validated would add an extra layer of protection.

In any case, the failing test is actually passing -1, my understanding is that that one should always assert no matter what we are passing as const char*.
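A sketch of the best-effort check discussed in this comment, added here as an illustration; it is not code from the thread or from libstdc++. The names `check_len`, `CHECK_STR_LEN`, `LenCheck` and `kPredefined` are hypothetical, and the `PTRDIFF_MAX` bound is an assumption (GCC does not support objects larger than that). It shows why a length of -1 needs its own test: `__builtin_object_size` reports an unknown size as `(size_t)-1`, so a plain `len <= object_size` comparison would accept it.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Hypothetical names for illustration; not libstdc++ internals.
static const std::size_t kUnknownSize = static_cast<std::size_t>(-1);

enum class LenCheck { Ok, ExceedsObject, Impossible };

// Pure decision function. obj_size is the value __builtin_object_size
// reported for the pointer, or kUnknownSize when the compiler could not tell.
inline LenCheck check_len(std::size_t len, std::size_t obj_size) {
    // Assumption: no object exceeds PTRDIFF_MAX bytes, so a length such as
    // size_t(-1) is rejected even when nothing is known about the buffer.
    if (len > static_cast<std::size_t>(PTRDIFF_MAX))
        return LenCheck::Impossible;
    // Unknown size: the best-effort check ends here. Accepting avoids
    // false positives on valid calls the optimizer could not analyse.
    if (obj_size == kUnknownSize)
        return LenCheck::Ok;
    return len <= obj_size ? LenCheck::Ok : LenCheck::ExceedsObject;
}

// A macro, so __builtin_object_size sees the caller's expression directly
// instead of a function parameter (which would hide the object at -O0).
#define CHECK_STR_LEN(ptr, len) \
    check_len((len), __builtin_object_size((ptr), 0))

// Constructed sample: a predefined const char[] of 11 bytes including NUL.
static const char kPredefined[] = "predefined";

int main() {
    const std::size_t minus_one = static_cast<std::size_t>(-1);
    // Result depends on optimization level when the size is needed...
    std::printf("len 5:  %d\n",
                static_cast<int>(CHECK_STR_LEN(kPredefined, 5)));
    std::printf("len 64: %d\n",
                static_cast<int>(CHECK_STR_LEN(kPredefined, 64)));
    // ...but -1 is rejected regardless of what the compiler can see.
    std::printf("len -1: %d\n",
                static_cast<int>(CHECK_STR_LEN(kPredefined, minus_one)));
    return 0;
}
```

Whether the `len 64` call is flagged depends on the optimization level and on how much of the buffer the compiler can see at the call site.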