On AArch64 with UBSan, the following testcase (reduced from c-c++-common/torture/builtin-arith-overflow-10.c) shows us invoking UB while evaluating the "J" constraint: $ cat test.c long a(); unsigned b(long); void c() { int d, e; for (d = 0;; d++) for (e = 0; e < (char)~0; e++) { long f = d - 9223372036854775807, g = e - 9223372036854775807 - 1; __int128 h = f + g; if (a() != h) if (b(g) != h) __builtin_abort(); } } $ gcc/xgcc -B gcc test.c -c -O /home/alecop01/toolchain/src/gcc/gcc/config/aarch64/constraints.md:86:23: runtime error: negation of -9223372036854775808 cannot be represented in type 'long int'; cast to an unsigned type to negate this value to itself #0 0x434aa1c in insn_const_int_ok_for_constraint(long, constraint_num) /home/alecop01/toolchain/src/gcc/gcc/config/aarch64/constraints.md:86 #1 0x18892ec in process_alt_operands /home/alecop01/toolchain/src/gcc/gcc/lra-constraints.c:2420 #2 0x18892ec in curr_insn_transform /home/alecop01/toolchain/src/gcc/gcc/lra-constraints.c:4108 #3 0x189df28 in lra_constraints(bool) /home/alecop01/toolchain/src/gcc/gcc/lra-constraints.c:5174 #4 0x1832cd4 in lra(_IO_FILE*) /home/alecop01/toolchain/src/gcc/gcc/lra.c:2336 #5 0x16d1784 in do_reload /home/alecop01/toolchain/src/gcc/gcc/ira.c:5835 #6 0x16d1784 in execute /home/alecop01/toolchain/src/gcc/gcc/ira.c:6021 #7 0x1b5ec1c in execute_one_pass(opt_pass*) /home/alecop01/toolchain/src/gcc/gcc/passes.c:2567 #8 0x1b623b8 in execute_pass_list_1 /home/alecop01/toolchain/src/gcc/gcc/passes.c:2656 #9 0x1b623f0 in execute_pass_list_1 /home/alecop01/toolchain/src/gcc/gcc/passes.c:2657 #10 0x1b624d4 in execute_pass_list(function*, opt_pass*) /home/alecop01/toolchain/src/gcc/gcc/passes.c:2667 #11 0xc7b2a4 in cgraph_node::expand() /home/alecop01/toolchain/src/gcc/gcc/cgraphunit.c:1830 #12 0xc7ff24 in expand_all_functions /home/alecop01/toolchain/src/gcc/gcc/cgraphunit.c:1994 #13 0xc7ff24 in symbol_table::compile() /home/alecop01/toolchain/src/gcc/gcc/cgraphunit.c:2358 #14 0xc8b81c in symbol_table::compile() /home/alecop01/toolchain/src/gcc/gcc/cgraphunit.c:2271 #15 0xc8b81c in symbol_table::finalize_compilation_unit() /home/alecop01/toolchain/src/gcc/gcc/cgraphunit.c:2539 #16 0x1f97478 in compile_file /home/alecop01/toolchain/src/gcc/gcc/toplev.c:482 #17 0x68d9b0 in do_compile /home/alecop01/toolchain/src/gcc/gcc/toplev.c:2201 #18 0x68d9b0 in toplev::main(int, char**) /home/alecop01/toolchain/src/gcc/gcc/toplev.c:2340 #19 0x6910d0 in main /home/alecop01/toolchain/src/gcc/gcc/main.c:39 #20 0xffffa32db6dc in __libc_start_main (/lib/aarch64-linux-gnu/libc.so.6+0x206dc) #21 0x691b2c (/data/alecop01/builds/bstrap-ubsan/gcc/cc1+0x691b2c)
(define_constraint "J" "A constant that can be used with a SUB operation (once negated)." (and (match_code "const_int") (match_test "aarch64_uimm12_shift (-ival)"))) So this should be: - (unsigned HOST_WIDE_INT) ival There are other targets which have a similar issue: config/alpha/constraints.md: (match_test "IN_RANGE (-ival, 0, 255)"))) config/arc/constraints.md: (match_test "UNSIGNED_INT6 (-ival)"))) config/arc/constraints.md: && ((ival >= 0 ? ival : -ival) config/arc/constraints.md: <= 0x3f * (ival & -ival)))"))) config/arc/constraints.md: (match_test "!(ival & ~124) || !(-ival & ~124)"))) config/arc/constraints.md: && ((ival >= 0 ? ival : -ival) config/arc/constraints.md: <= 0x7ff * (ival & -ival)))"))) config/arc/constraints.md: (match_test "IS_POWEROF2_P (-ival)") config/arc/constraints.md: (match_test "IS_POWEROF2_OR_0_P (ival + (ival & -ival))"))) config/arc/constraints.md: || ((ival & 0xffffffffUL) >> exact_log2 (ival & -ival) config/arm/constraints.md: (match_test "((-ival) & 0xfffff000) == 0")))) config/arm/constraints.md: (match_test "TARGET_32BIT ? const_ok_for_arm (-ival) config/csky/constraints.md: (match_test "CSKY_CONST_OK_FOR_Uj (-ival + 4)"))) config/epiphany/constraints.md: (match_test "SIMM11 (-ival)"))) config/pru/constraints.md: (match_test "UBYTE_INT (-ival)")))