From 039887a0ac9bd02cfd84e4792d3d21a78bc06a7f Mon Sep 17 00:00:00 2001
From: Paul Sokolovsky
Date: Sun, 2 Nov 2014 02:39:41 +0200
Subject: py: Fix bug with right-shifting small ints by large amounts.

Undefined behavior in C, needs explicit check.
---
 py/compile.c | 5 +++++
 py/runtime.c | 5 +++++
 2 files changed, 10 insertions(+)

(limited to 'py')

diff --git a/py/compile.c b/py/compile.c
index 61b827859..363350395 100644
--- a/py/compile.c
+++ b/py/compile.c
@@ -233,6 +233,11 @@ STATIC mp_parse_node_t fold_constants(compiler_t *comp, mp_parse_node_t pn, mp_m
                         }
                     } else if (MP_PARSE_NODE_IS_TOKEN_KIND(pns->nodes[1], MP_TOKEN_OP_DBL_MORE)) {
                         // int >> int
+                        if (arg1 >= BITS_PER_WORD) {
+                            // Shifting to big amounts is underfined behavior
+                            // in C and is CPU-dependent; propagate sign bit.
+                            arg1 = BITS_PER_WORD - 1;
+                        }
                         pn = mp_parse_node_new_leaf(MP_PARSE_NODE_SMALL_INT, arg0 >> arg1);
                     } else {
                         // shouldn't happen
diff --git a/py/runtime.c b/py/runtime.c
index f6f34be94..e225ba8b0 100644
--- a/py/runtime.c
+++ b/py/runtime.c
@@ -337,6 +337,11 @@ mp_obj_t mp_binary_op(mp_uint_t op, mp_obj_t lhs, mp_obj_t rhs) {
                         nlr_raise(mp_obj_new_exception_msg(&mp_type_ValueError, "negative shift count"));
                     } else {
                         // standard precision is enough for right-shift
+                        if (rhs_val >= BITS_PER_WORD) {
+                            // Shifting to big amounts is underfined behavior
+                            // in C and is CPU-dependent; propagate sign bit.
+                            rhs_val = BITS_PER_WORD - 1;
+                        }
                         lhs_val >>= rhs_val;
                     }
                     break;
-- 
cgit v1.2.3