-fsanitize=undefined confirms there is no overflow.
This statement is false. (Speaking as a logician ;-) )
-fsanitize=xxx instruments the code with run-time checks. Of course, just compiling with -fsanitize=undefined does not provide any confirmation/infirmation on the potential overflow.
If you run the instrumented code, and it aborts or logs "UB: overflow", you can definitely state that there is an overflow. If you get no error, it just means that:
Cheers !