A compiler is allowed to optimize away the comparison because
it assumes that signed integers *won't* overflow.

Integer overflows can be more reliably detected using
the undefined behavior sanitizer from gcc/llvm, e.g:

$ LDFLAGS="-fsanitize=undefined" \
  ./configure --extra-cflags="-fsanitize=undefined"

See Issue 903 for an example.

Change-Id: Ia157910c72eeadf75975125349402b66c085c074