Clang's undefined behavior sanitizer is flagging several places in CPython where it is relying on float-cast-overflow behavior. Typically exposed where an out of bounds floating point value is cast to another type.
The clang compiler is about to start applying optimizations that alters the previous version of the undefined behavior on some platforms. We need to make CPython clean for float-cast-overflow errors.
examples:
_PyTime_DoubleToDenominator https://github.com/python/cpython/blob/master/Python/pytime.c#L159
_PyTime_FromFloatObject - https://github.com/python/cpython/blob/master/Python/pytime.c#L389
getargs double cast to a float - https://github.com/python/cpython/blob/master/Python/getargs.c#L864
_PyFloat_Pack4 double cast to a float - https://github.com/python/cpython/blob/master/Objects/floatobject.c#L2234
These are found by running a ubsan build with this checker enabled on test_datetime, test_getargs2, test_struct, and test_thread.
There are probably others, but our own test suite happens to trigger these.
In many cases we should use correct conversion code instead of the cast that does what we want when the value is out of bounds and without a defined conversion. In others we might want an OverflowError or ValueError. But preserving the existing compilers up until now behavior makes more sense from a code compatibility standpoint (ie: it is not expecting an OverflowError when we make a CPython API that takes a float as input but behind the scenes uses a C API that operates on an int64 - that is an implementation detail no user should care about).
|