[sgen] Fix small bitmap descriptor bug with large objects.

Objects larger than 64k whose references still fit within a small bitmap
would overflow the size bit field within the descriptor.

mono/metadata/sgen-descriptor.c

@@ -161,7 +161,7 @@ mono_gc_make_descr_for_object (gsize *bitmap, int numbits, size_t obj_size)
 	}
 
 	/* we know the 2-word header is ptr-free */
-	if (last_set < SMALL_BITMAP_SIZE + OBJECT_HEADER_WORDS) {
+	if (last_set < SMALL_BITMAP_SIZE + OBJECT_HEADER_WORDS && stored_size < (1 << SMALL_BITMAP_SHIFT)) {
 		desc = DESC_TYPE_SMALL_BITMAP | stored_size | ((*bitmap >> OBJECT_HEADER_WORDS) << SMALL_BITMAP_SHIFT);
 		SGEN_LOG (6, "Smallbitmap descriptor %p, size: %zd, last set: %d", (void*)desc, stored_size, last_set);
 		return (void*) desc;