--- gcc/gcc/doc/invoke.texi

+++ gcc/gcc/doc/invoke.texi

@@ -13873,7 +13873,7 @@ on Intel Control-flow Enforcement Technology (CET).

 Emit extra code to check for buffer overflows, such as stack smashing

 attacks.  This is done by adding a guard variable to functions with

 vulnerable objects.  This includes functions that call @code{alloca}, and

-functions with buffers larger than or equal to 8 bytes.  The guards are

+functions with buffers larger than or equal to 4 bytes.  The guards are

 initialized when a function is entered and then checked when the function

 exits.  If a guard check fails, an error message is printed and the program

 exits.  Only variables that are actually allocated on the stack are

--- gcc/gcc/params.opt

+++ gcc/gcc/params.opt

@@ -853,7 +853,7 @@ Common Joined UInteger Var(param_ssa_name_def_chain_limit) Init(512) Param Optim

 The maximum number of SSA_NAME assignments to follow in determining a value.

 -param=ssp-buffer-size=

-Common Joined UInteger Var(param_ssp_buffer_size) Init(8) IntegerRange(1, 65536) Param Optimization

+Common Joined UInteger Var(param_ssp_buffer_size) Init(4) IntegerRange(1, 65536) Param Optimization

 The lower bound for a buffer to be considered for stack smashing protection.

 -param=stack-clash-protection-guard-size=