llvm-project

175ad663 - [analyzer] Mention possibility of underflow in array overflow errors (#84201)

[analyzer] Mention possibility of underflow in array overflow errors (#84201) The checker alpha.security.ArrayBoundV2 performs bounds checking in two steps: first it checks for underflow, and if it isn't guaranteed then it assumes that there is no underflow. After this, it checks for overflow, and if that's guaranteed or the index is tainted then it reports it. This meant that in situations where overflow and underflow are both possible (but the index is either tainted or guaranteed to be invalid), the checker was reporting just an overflow error. This commit modifies the messages printed in these cases to mention the possibility of an underflow. --------- Co-authored-by: Balazs Benics <benicsbalazs@gmail.com>