https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105155
--- Comment #3 from Jakub Jelinek <jakub at gcc dot gnu.org> ---

-fsanitize=signed-integer-overflow currently instruments (unlike e.g. the shift or division instrumentation) only what falls through unfolded from the early passes (generic folding, gimplification and up to switching into ssa form), with some !TYPE_OVERFLOW_SANITIZED checks in match.pd; the reason for that is that there are simply way too many spots in the FE that produce the arithmetics and we need to ensure that sanitization doesn't break constant expressions.

We don't even instrument

    int bar (int a) { return __INT_MAX__ + 1; }

but do:

    int baz (int a) { int x = __INT_MAX__; return x + 1; }

(but there is a warning in the bar case).

E.g. to instrument it even in bar, we'd need to change e.g. in the C FE:

    /* Treat expressions in initializers specially as they can't trap. */
    if (int_const_or_overflow)
      ret = (require_constant_value
             ? fold_build2_initializer_loc (location, resultcode,
                                            build_type, op0, op1)
             : fold_build2_loc (location, resultcode, build_type,
                                op0, op1));
    else
      ret = build2 (resultcode, build_type, op0, op1);

such that if for the int_const_or_overflow && !require_constant_value case ret has TREE_OVERFLOW on it and signed-integer-overflow is enabled, we'd do build2 instead.
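
Added example, not part of the comment above and not GCC code: counterparts of bar and baz that detect the overflow explicitly, so the result is the same whether or not the sanitizer instrumented the addition. The names checked_add, bar_checked and baz_checked are hypothetical; __builtin_add_overflow is the GCC/Clang builtin.

```c
/* Build: gcc -O2 -fsanitize=signed-integer-overflow example.c
   The checks below report the overflow whether or not the sanitizer
   instrumented the addition.  */
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical helper: stores a + b in *out and returns true, or returns
   false and leaves *out unchanged if the sum does not fit in int.  */
bool
checked_add (int a, int b, int *out)
{
  int sum;
  if (__builtin_add_overflow (a, b, &sum))
    return false;
  *out = sum;
  return true;
}

/* Counterpart of bar: both operands are constants, so the front end can
   fold the expression before any instrumentation would be added.  */
bool
bar_checked (int a, int *out)
{
  (void) a;
  return checked_add (__INT_MAX__, 1, out);
}

/* Counterpart of baz: one operand goes through a local variable.  */
bool
baz_checked (int a, int *out)
{
  (void) a;
  int x = __INT_MAX__;
  return checked_add (x, 1, out);
}

int
main (void)
{
  int r = 0;
  printf ("bar_checked: %s\n", bar_checked (0, &r) ? "ok" : "overflow");
  printf ("baz_checked: %s\n", baz_checked (0, &r) ? "ok" : "overflow");
  if (checked_add (INT_MAX - 1, 1, &r))
    printf ("INT_MAX - 1 + 1 = %d\n", r);
  return 0;
}
```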