6806226: Signed integer overflow in growable array code causes JVM crash

Summary: Workaround the overflow by doing the intermediate calculations in an unsigned variable.
Reviewed-by: ysr, jcoomes

src/share/vm/utilities/growableArray.cpp

@@ -43,11 +43,13 @@ void GenericGrowableArray::check_nesting() {
 #endif
 
 void* GenericGrowableArray::raw_allocate(int elementSize) {
+  assert(_max >= 0, "integer overflow");
+  size_t byte_size = elementSize * (size_t) _max;
   if (on_stack()) {
-    return (void*)resource_allocate_bytes(elementSize * _max);
+    return (void*)resource_allocate_bytes(byte_size);
   } else if (on_C_heap()) {
-    return (void*)AllocateHeap(elementSize * _max, "GrET in " __FILE__);
+    return (void*)AllocateHeap(byte_size, "GrET in " __FILE__);
   } else {
-    return _arena->Amalloc(elementSize * _max);
+    return _arena->Amalloc(byte_size);
   }
 }