Seen using r143582 on Ubuntu Hardy. I'm pretty sure this is a miscompilation at -O2.
The safe_* macros are basically just macroizations of safe math functions from here:

https://www.securecoding.cert.org/confluence/display/seccode/INT32-C.+Ensure+that+operations+on+signed+integers+do+not+result+in+overflow

reg...@john-home:~/volatile/tmp127$ current-gcc -O1 small.c -o small
reg...@john-home:~/volatile/tmp127$ ./small
reg...@john-home:~/volatile/tmp127$ current-gcc -O2 small.c -o small
reg...@john-home:~/volatile/tmp127$ ./small
small: small.c:29: func_31: Assertion `0' failed.
Aborted
reg...@john-home:~/volatile/tmp127$ current-gcc -v
Using built-in specs.
Target: i686-pc-linux-gnu
Configured with: ../configure --prefix=/home/regehr/z/tmp/gcc-r143582-install --program-prefix=r143582- --enable-languages=c,c++
Thread model: posix
gcc version 4.4.0 20090123 (experimental) (GCC)
reg...@john-home:~/volatile/tmp127$ cat small.c
#include <stdint.h>
#include <stdint.h>
#include <limits.h>
#include <stdio.h>
#include <assert.h>

#define safe_sub_macro_int8_t_s_s(si1,si2) \
  ((((((int8_t)(si1))^((int8_t)(si2))) \
  & (((((int8_t)(si1)) ^ ((((int8_t)(si1))^((int8_t)(si2))) \
  & (((int8_t)1) << (sizeof(int8_t)*CHAR_BIT-1))))-((int8_t)(si2)))^((int8_t)(si2)))) < ((int8_t)0)) \
  ? ((int8_t)(si1)) \
  : (((int8_t)(si1)) - ((int8_t)(si2))) \
  )

#define safe_add_macro_int16_t_s_s(si1,si2) \
  ((((((int16_t)(si1))>((int16_t)0)) && (((int16_t)(si2))>((int16_t)0)) && (((int16_t)(si1)) > ((INT16_MAX)-((int16_t)(si2))))) \
  || ((((int16_t)(si1))<((int16_t)0)) && (((int16_t)(si2))<((int16_t)0)) && (((int16_t)(si1)) < ((INT16_MIN)-((int16_t)(si2)))))) \
  ? ((int16_t)(si1)) \
  : (((int16_t)(si1)) + ((int16_t)(si2))) \
  )

uint32_t g_113;

void func_31 (uint8_t p_33)
{
  uint32_t l_40 = 0x0A6F85D5L;
  if (0 >= safe_sub_macro_int8_t_s_s (1 < p_33, safe_add_macro_int16_t_s_s (l_40, 1)))
    {
    }
  else
    {
      assert (0);
    }
}

int main (void)
{
  func_31 (1);
  return 0;
}

--
Summary: possible integer codegen error
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: regehr at cs dot utah dot edu
GCC build triplet: i686-pc-linux-gnu
GCC host triplet: i686-pc-linux-gnu
GCC target triplet: i686-pc-linux-gnu

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=38942