src/share/vm/oops/arrayOop.hpp

Print this page
rev 2779 : 7102044: G1: VM crashes with assert(old_end != new_end) failed: don't call this otherwise
Summary: arrayOopDesc::max_array_length() should return a value that does not overflow a size_t if it is converted to bytes.
Reviewed-by: duke

@@ -1,7 +1,7 @@
 /*
- * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.

@@ -111,13 +111,21 @@
     const int bytes_per_element = type2aelembytes(type);
     if (bytes_per_element < HeapWordSize) {
       return max_jint;
     }
 
-    const int32_t max_words = align_size_down(max_jint, MinObjAlignment);
-    const int32_t max_element_words = max_words - header_size(type);
+    const size_t max_words_per_size_t = SIZE_MAX / HeapWordSize;
+    const int32_t max_words = (int32_t)MIN2((size_t)max_jint, max_words_per_size_t);
+    const int32_t max_element_words = align_size_down(max_words - header_size(type), MinObjAlignment);
     const int32_t words_per_element = bytes_per_element >> LogHeapWordSize;
     return max_element_words / words_per_element;
   }
+  
+// for unit testing
+#ifndef PRODUCT
+  static bool check_overflow(BasicType type);
+  static int32_t old_max_array_length(BasicType type);
+  static bool test_max_array_length();
+#endif
 };
 
 #endif // SHARE_VM_OOPS_ARRAYOOP_HPP