I found this case earlier today when I accidentally left out -Wall. It took a good few minutes to realize what went wrong.
Confirm the memory sanitizer catches this bug clang -fsanitize=undefined,memory a.c
int main(int argc, char *argv[]) { for(int i = i; i<10; i++) { } }
Now change i to negative i, run it again and you’ll see no error
int main(int argc, char *argv[]) { for(int i = -i; i<10; i++) { } }
My tip-of-tree clang (256a0b298c68b89688b80350b034daf2f7785b67) finds both, but only at -O0 (because the entire loop is optimised out under higher opt levels, Compiler Explorer).
These kind of niche scenarios are a known potential problem with sanitizers, in that other LLVM optimisation passes can run before us, meaning we don’t ever see the dodgy code. This is particularly true when you have loop-based UB, like you do above, because the compiler can just DCE the entire loop before MSan instrumentation runs.
Basically, known problem, very niche, not worth us fixing (it comes with major overheads and other problems, and it would be very fragile).