Mercurial > hg > truffle
changeset 4075:aa4c21b00f7f
7110152: assert(size_in_words <= (julong)max_jint) failed: no overflow
Summary: Reduce what arrayOopDesc::max_array_length() returns to avoid int overflow
Reviewed-by: kvn, dholmes, tonyp
author | brutisso |
---|---|
date | Tue, 15 Nov 2011 20:17:33 +0100 |
parents | ab5107bee78c |
children | 2ceafe3ceb65 |
files | src/share/vm/oops/arrayOop.hpp |
diffstat | 1 files changed, 9 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/vm/oops/arrayOop.hpp Wed Nov 09 23:21:00 2011 +0100 +++ b/src/share/vm/oops/arrayOop.hpp Tue Nov 15 20:17:33 2011 +0100 @@ -110,10 +110,16 @@ assert(type >= 0 && type < T_CONFLICT, "wrong type"); assert(type2aelembytes(type) != 0, "wrong type"); - const size_t max_element_words_per_size_t = align_size_down((SIZE_MAX/HeapWordSize - header_size(type)), MinObjAlignment); - const size_t max_elements_per_size_t = HeapWordSize * max_element_words_per_size_t / type2aelembytes(type); + const size_t max_element_words_per_size_t = + align_size_down((SIZE_MAX/HeapWordSize - header_size(type)), MinObjAlignment); + const size_t max_elements_per_size_t = + HeapWordSize * max_element_words_per_size_t / type2aelembytes(type); if ((size_t)max_jint < max_elements_per_size_t) { - return max_jint; + // It should be ok to return max_jint here, but parts of the code + // (CollectedHeap, Klass::oop_oop_iterate(), and more) uses an int for + // passing around the size (in words) of an object. So, we need to avoid + // overflowing an int when we add the header. See CRs 4718400 and 7110613. + return align_size_down(max_jint - header_size(type), MinObjAlignment); } return (int32_t)max_elements_per_size_t; }