https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82079
--- Comment #1 from Jakub Jelinek <jakub at gcc dot gnu.org> ---

That is not a bug, but how it is meant to work and how it works in clang too. The IL doesn't make any distinction between s + 18446603339198873381UL and s + -1317290203L or s -1317290203L, therefore we have to consider offsets with MSB set as negative. s + -1317290203L is perfectly fine for say s = malloc (1317290213L) + 1317290211L; -fsanitize=pointer-overflow is just a fast overflow check, doesn't know the boundaries of anything, and works as

    if ((ssize_t) offset < 0 ? (uintptr_t) (ptr + offset) > ptr : (uintptr_t) (ptr + offset) < ptr)
      runtime_failure ();

with optimizations if offset is constant.
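The check described in the comment above, modelled on 64-bit integers so that nothing in it is undefined pointer arithmetic. This is an added example, not GCC's code or the commenter's: the function name `ptr_overflow_flagged` and the sample addresses are constructed, and a 64-bit target with two's-complement conversion (as GCC and clang provide) is assumed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model of the check: the offset is reinterpreted as signed,
 * and the wrapped sum is compared against the original pointer value. */
static bool ptr_overflow_flagged(uint64_t ptr, uint64_t offset)
{
    uint64_t result = ptr + offset;      /* wraps modulo 2^64, well defined */

    if ((int64_t)offset < 0)             /* MSB set: treated as negative */
        return result > ptr;             /* moving "down" must not end up higher */
    return result < ptr;                 /* moving "up" must not end up lower */
}

/* Offset from the comment; its MSB is set, so the check sees it as negative. */
#define BIG_UNSIGNED_OFFSET 18446603339198873381ULL
#define NEGATIVE_OFFSET     ((uint64_t)-1317290203LL)

/* Constructed sample addresses, not taken from the bug report. */
#define ADDR_LOW   0x00007fff00001000ULL
#define ADDR_HIGH  0x00007fffffffe000ULL

int main(void)
{
    /* Same offset, different base: the check knows nothing about object
     * bounds, only whether the address wrapped past 0. */
    printf("big offset, low base : %d\n",
           ptr_overflow_flagged(ADDR_LOW, BIG_UNSIGNED_OFFSET));
    printf("big offset, high base: %d\n",
           ptr_overflow_flagged(ADDR_HIGH, BIG_UNSIGNED_OFFSET));

    /* A negative offset is fine when the base is large enough... */
    printf("negative, high base  : %d\n",
           ptr_overflow_flagged(ADDR_HIGH, NEGATIVE_OFFSET));
    /* ...and flagged when subtracting it wraps below address 0. */
    printf("negative, tiny base  : %d\n",
           ptr_overflow_flagged(1000, NEGATIVE_OFFSET));

    /* Non-negative offset wrapping past the top of the address space. */
    printf("positive, near top   : %d\n",
           ptr_overflow_flagged(UINT64_MAX - 10, 100));
    return 0;
}
```

An unflagged result says only that the address did not wrap; it says nothing about whether the resulting pointer stays inside the object, which is AddressSanitizer's job rather than this check's.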