There is a simple antidote to this problem, as long as you have 1) the source code to the compiler you suspect of being bad, and 2) a second compiler (binary only), written by someone who is not friends with the first one. For instance, if you want to verify that gcc is not evil, you need the gcc source, and MS Visual C++. The basic idea is summarized by Bruce Schnier here: https://www.schneier.com/blog/archives/2006/01/countering_tr...