# HG changeset patch
# User ysr
# Date 1260313937 28800
# Node ID 7bfd295ec07471aaf509d87c0c02fcbf06181375
# Parent  9118860519b65de176c585dd6126a843acbca133
6908208: UseCompressedOops: array_size() returns incorrect size for MAX_INT object array following 6906727
Summary: In array_size() cast to an unsigned to avoid overflow of intermediate value.
Reviewed-by: kvn, tonyp, jmasa, jcoomes, coleenp

diff -r 9118860519b6 -r 7bfd295ec074 src/share/vm/oops/objArrayOop.hpp
--- a/src/share/vm/oops/objArrayOop.hpp	Mon Dec 07 14:22:34 2009 -0500
+++ b/src/share/vm/oops/objArrayOop.hpp	Tue Dec 08 15:12:17 2009 -0800
@@ -58,7 +58,7 @@
       old_res = align_size_up(length, OopsPerHeapWord)/OopsPerHeapWord;
     }
 #endif  // ASSERT
-    int res = (length + OopsPerHeapWord - 1)/OopsPerHeapWord;
+    int res = ((uint)length + OopsPerHeapWord - 1)/OopsPerHeapWord;
     assert(res == old_res, "Inconsistency between old and new.");
     return res;
   }
@@ -96,7 +96,11 @@
 
   static int object_size(int length) {
     // This returns the object size in HeapWords.
-    return align_object_size(header_size() + array_size(length));
+    uint asz = array_size(length);
+    uint osz = align_object_size(header_size() + asz);
+    assert(osz >= asz,   "no overflow");
+    assert((int)osz > 0, "no overflow");
+    return (int)osz;
   }
 
   // special iterators for index ranges, returns size of object