RFR: 8338197: [ubsan] ad_x86.hpp:6417:11: runtime error: shift exponent 100 is too large for 32-bit type 'unsigned int' [v6]

[Boris Ulasevich]

On Mon, 6 Oct 2025 11:51:44 GMT, Andrew Dinn <adinn at openjdk.org> wrote:

>> src/hotspot/share/adlc/output_h.cpp line 768:
>> 
>>> 766:     fprintf(fp_hpp, "  }\n\n");
>>> 767:     fprintf(fp_hpp, "  Pipeline_Use_Cycle_Mask& operator<<=(int n) {\n");
>>> 768:     fprintf(fp_hpp, "    _mask <<= (n < 32) ? n : 31;\n");
>> 
>> I was staring at this line for a while. Isn't this cutting too early? I would have expected `n=32` case to zero out the mask completely. Instead, this code moves lowest bit to highest bit, as it performs 31-bit shift. Should it be something like `_mask = (n < 32) ? (_mask << n) : 0;`?
>
> This is arguably correct. However, it doesn't really matter much whether we cap the depth at(n) at 32 or 31 because for all current pipeline models the pipeline depth is always way less than 31.

Yes, you’re right. I mechanically limited the shift to the maximum allowed value according to the static analyzer message, which means the top bit can survive an excessive shift. Semantically, however, the shift represents elapsed pipeline cycles. If the shift is large, even beyond the mask width, it means all cycles have passed, so all bits should be shifted out rather than stopping at the last valid step.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/26890#discussion_r2407121670