JDK-8328085

C2: Use after free in PhaseChaitin::Register_Allocate()


    • b26
    • ppc, x86_64

        We have seen the assertion
        assert(idx < _maxlrg) failed: oob
        in vmTestbase/vm/mlvm/indy/func/java/verifyStackTrace/INDIFY_Test.java
        2 times in the last months on AIX ppc64, now also on Windows x86_64.

        # Internal Error (/priv/jenkins/client-home/workspace/openjdk-22u-aix_ppc64-dbg/jdk/src/hotspot/share/opto/chaitin.hpp:295), pid=8192474, tid=4805
        # assert(idx < _maxlrg) failed: oob
        #

        Stack: [0x0000000125550000,0x000000012594d888], sp=0x0000000125949ed0, free space=4071k
        No context given, using current context.
        Native frame:
        iar: 0x0900000003ede16c libjvm.so::AixNativeCallstack::print_callstack_for_context(outputStream*, ucontext_t const*, bool, char*, unsigned long)+0x4cc (C++ uses_alloca saves_cr saves_lr stores_bc gpr_saved:18 fixedparms:5 parmsonstk:1)
        lr: 0x09000000039bc9b4 libjvm.so::fdStream::write(char const*, unsigned long)+0x44 (C++ uses_alloca saves_lr stores_bc gpr_saved:4 fixedparms:3 parmsonstk:1)
        sp: 0x0000000125949190 (base - 0x46F8)
        rtoc: 0x08001000a03da400
        |---stackaddr----| |----lrsave------|: <function name>
        0x0000000125949580 - 0x0900000003eddc2c libjvm.so::os::Aix::platform_print_native_stack(outputStream*, void const*, char*, int, unsigned char*&)+0x24 (C++ uses_alloca saves_lr stores_bc gpr_saved:1 fixedparms:5 parmsonstk:1)
        0x0000000125949600 - 0x09000000039cd348 libjvm.so::VMError::report(outputStream*, bool)+0x1c0c (C++ fp_present uses_alloca saves_cr saves_lr stores_bc gpr_saved:18 fixedparms:2 parmsonstk:1)
        0x0000000125949ee0 - 0x09000000039bbdc8 libjvm.so::VMError::report_and_die(int, char const*, char const*, char*, Thread*, unsigned char*, void*, void*, char const*, int, unsigned long)+0x7cc (C++ uses_alloca saves_lr stores_bc gpr_saved:18 fixedparms:8 parmsonstk:1)
        0x000000012594a0d0 - 0x09000000039bb5b0 libjvm.so::VMError::report_and_die(Thread*, void*, char const*, int, char const*, char const*, char*)+0x58 (C++ uses_alloca saves_lr stores_bc gpr_saved:2 fixedparms:7 parmsonstk:1)
        0x000000012594a170 - 0x09000000039bb290 libjvm.so::report_vm_error(char const*, int, char const*, char const*, ...)+0x8c (C++ uses_alloca saves_lr stores_bc gpr_saved:5 fixedparms:4 parmsonstk:1)
        0x000000012594a210 - 0x09000000047807ec libjvm.so::PhaseChaitin::Register_Allocate()+0x10a0 (C++ fp_present uses_alloca saves_lr stores_bc gpr_saved:18 fixedparms:1 parmsonstk:1)
        0x000000012594a5c0 - 0x090000000475fc64 libjvm.so::Compile::Code_Gen()+0x21c (C++ uses_alloca saves_lr stores_bc gpr_saved:6 fixedparms:1 parmsonstk:1)
        0x000000012594b200 - 0x09000000047dd12c libjvm.so::Compile::Compile(ciEnv*, ciMethod*, int, Options, DirectiveSet*)+0x16c4 (C++ fp_present uses_alloca saves_cr saves_lr stores_bc gpr_saved:18 fixedparms:6 parmsonstk:1)
        0x000000012594be70 - 0x09000000049ec7a8 libjvm.so::C2Compiler::compile_method(ciEnv*, ciMethod*, int, bool, DirectiveSet*)+0x25c (C++ uses_alloca saves_cr saves_lr stores_bc gpr_saved:18 fixedparms:6 parmsonstk:1)
        0x000000012594ca90 - 0x0900000003cffb44 libjvm.so::CompileBroker::invoke_compiler_on_method(CompileTask*)+0xcb4 (C++ fp_present uses_alloca saves_cr saves_lr stores_bc gpr_saved:18 fixedparms:1 parmsonstk:1)
        0x000000012594d210 - 0x0900000003cf0264 libjvm.so::CompileBroker::compiler_thread_loop()+0x4c0 (C++ fp_present uses_alloca saves_cr saves_lr stores_bc gpr_saved:18 parmsonstk:1)
        0x000000012594d460 - 0x0900000003cefd24 libjvm.so::CompilerThread::thread_entry(JavaThread*, JavaThread*)+0x58 (C++ uses_alloca saves_lr stores_bc gpr_saved:1 fixedparms:2 parmsonstk:1)
        0x000000012594d4e0 - 0x0900000003b8ef84 libjvm.so::JavaThread::thread_main_inner()+0x1f8 (C++ uses_alloca saves_lr stores_bc gpr_saved:4 fixedparms:1 parmsonstk:1)
        0x000000012594d5b0 - 0x0900000003b8d06c libjvm.so::JavaThread::run()+0x214 (C++ uses_alloca saves_lr stores_bc gpr_saved:5 fixedparms:1 parmsonstk:1)
        0x000000012594d650 - 0x0900000003abb85c libjvm.so::Thread::call_run()+0x128 (C++ uses_alloca saves_lr stores_bc gpr_saved:3 fixedparms:1 parmsonstk:1)
        0x000000012594d6e0 - 0x0900000003abad50 libjvm.so::thread_native_entry(Thread*)+0x194 (C++ uses_alloca saves_lr stores_bc gpr_saved:9 fixedparms:1 parmsonstk:1)
        0x000000012594d7a0 - 0x090000000056204c libpthreads.a::_pthread_body+0xec (C saves_lr stores_bc gpr_saved:1 fixedparms:1 )
        0x000000012594d820 - 0x0000000000000000
        *** end of backchain ***

        *UPDATE 2024-10-04*

        Several crash logs show the badResourceValue pattern (abababab in r7 below). That indicates a use-after-free issue with memory allocated from the ResourceArea, similar to JDK-8336095.

        pc =0x00007fffa8a3ed70 lr =0x00007fffa8a545b4 ctr=0x00007fffaaef89b0
        r0 =0x00007fffa8a545b4 r1 =0x00007ffe2a9faf00 r2 =0x00007fffaa8b0f00
        r3 =0x00007fffaa1e0448 r4 =0x0000000000000127 r5 =0x00007fffaa1e0428
        r6 =0x00007fffaa1e0400 r7 =0x00000000abababab r8 =0x0000000000000058
        r9 =0x00007ffe2a9fb0c0 r10=0x00007fffaae50000 r11=0x00007fffa9a599a0
        r12=0x00007fffaaef89b0 r13=0x00007ffe2aa068e0 r14=0x0000000000000003
        r15=0x0000000000000010 r16=0x0000000000000000 r17=0x00007fffaa964bb0
        r18=0x00007ffe2a9fb638 r19=0x00007ffe2a9fb080 r20=0x00007fffaa1e22f0
        r21=0x00007ffe2a9fb4f0 r22=0x0000000000000001 r23=0x00007ffe2a9fb010
        r24=0x00007ffe2a9fb088 r25=0x00007fffaa93ff20 r26=0x0000000000000000
        r27=0x000000000000002f r28=0x00007fffaa932170 r29=0x00007ffe2a9fb048
        r30=0x00007ffe2a9fb4c8 r31=0x00007ffe2a9faf00

        *UPDATE 2024-11-04*

        Several crash logs have messages similar to

        # assert(idx < _maxlrg) failed: oob: index 2880154539 not smaller than 131

        The index 2880154539 in hexadecimal format is abababab. This means that badResourceValue isn't just coincidentally near data used by the program, but that abababab is actually data used by the program (as the value of the variable `idx`). That is a strong indication of a use-after-free bug.
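As an added illustration (not code from the JDK), the following C model shows why the poison pattern ends up as the asserted index: a debug build of a HotSpot-style resource arena fills released memory with badResourceValue (0xAB), so reading a stale index through a dangling pointer yields 0xABABABAB = 2880154539, which then fails the `idx < _maxlrg` bounds check. The arena, the `lrg_map` array and the helper names are constructed for this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model of a resource arena: a bump allocator whose debug
 * build zaps released memory with the poison byte 0xAB (badResourceValue
 * in HotSpot). It is not the real ResourceArea implementation. */
#define BAD_RESOURCE_VALUE 0xAB
#define ARENA_SIZE 4096

typedef struct { uint8_t buf[ARENA_SIZE]; size_t hwm; } Arena;

static void *arena_alloc(Arena *a, size_t n) {
    if (a->hwm + n > ARENA_SIZE) return NULL;
    void *p = a->buf + a->hwm;
    a->hwm += n;
    return p;
}

/* Rolling back to a mark releases everything allocated after it and
 * overwrites it with the poison byte, like ZapResourceArea does. */
static void arena_rollback(Arena *a, size_t mark) {
    memset(a->buf + mark, BAD_RESOURCE_VALUE, a->hwm - mark);
    a->hwm = mark;
}

/* Mirrors the check asserted in chaitin.hpp: idx must be below _maxlrg. */
static bool lrg_index_ok(uint32_t idx, uint32_t maxlrg) {
    return idx < maxlrg;
}

/* A 32-bit value made entirely of the poison byte almost certainly came
 * from memory that had already been released: the use-after-free tell. */
static bool is_bad_resource_pattern(uint32_t v) {
    return v == 0xABABABABu;
}

/* Reproduces the failure mode: an index array lives under a mark, the
 * mark is rolled back (the ResourceMark goes out of scope), and the
 * stale pointer is dereferenced afterwards. Returns the stale value. */
static uint32_t read_stale_index(void) {
    static Arena arena;
    memset(&arena, 0, sizeof arena);
    size_t mark = arena.hwm;
    uint32_t *lrg_map = arena_alloc(&arena, 8 * sizeof(uint32_t));
    for (uint32_t i = 0; i < 8; i++) lrg_map[i] = i + 1; /* valid indices */
    arena_rollback(&arena, mark);   /* memory released and zapped */
    return lrg_map[3];              /* use after free: reads 0xABABABAB */
}
```

Checking an out-of-bounds index against the poison pattern, as done here, is what turns an unexplained "oob" assertion into a concrete use-after-free diagnosis.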

              rrich Richard Reingruber
              mbaesken Matthias Baesken