Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8335664

Parsing jsr broken: assert(bci>= 0 && bci < c->method()->code_size()) failed: index out of bounds

XMLWordPrintable

    • b13

        If you fix this bug: please mention me, I spent quite some time extracting the JASM file for you to have a simple reproducer ;)

        Affected:
        JDK23 - JDK11, maybe further back (did not check more).

        Product gives us:
        Error: Unable to initialize main class TestClassNew
        Caused by: java.lang.LinkageError: Illegal class file encountered. Try running with -Xverify:all in method main

        Debug reproduces/asserts immediately.
        emanuel@emanuel-oracle:xyz$ java -jar ~/Documents/asmtools-7.0-build/release/lib/asmtools.jar jasm Test.jasm
        emanuel@emanuel-oracle:xyz$ /oracle-work/jdk-fork2/build/linux-x64-debug/jdk/bin/java Test

        # A fatal error has been detected by the Java Runtime Environment:
        #
        # Internal Error (/oracle-work/jdk-fork2/open/src/hotspot/share/oops/generateOopMap.cpp:401), pid=3707675, tid=3707676
        # assert(bci>= 0 && bci < c->method()->code_size()) failed: index out of bounds
        #
        # JRE version: Java(TM) SE Runtime Environment (24.0) (fastdebug build 24-internal-2024-06-13-1913126.emanuel...)
        # Java VM: Java HotSpot(TM) 64-Bit Server VM (fastdebug 24-internal-2024-06-13-1913126.emanuel..., mixed mode, tiered, compressed oops, compressed class ptrs, g1 gc, linux-amd64)
        # Problematic frame:
        # V [libjvm.so+0xd5b5c8] GenerateOopMap::bb_mark_fct(GenerateOopMap*, int, int*) [clone .part.0]+0x28
        #
        # Core dump will be written. Default location: Core dumps may be processed with "/usr/share/apport/apport -p%p -s%s -c%c -d%d -P%P -u%u -g%g -- %E" (or dumping to /oracle-work/???/files-for-report/24-13/core.3707675)
        #
        # If you would like to submit a bug report, please visit:
        # https://bugreport.java.com/bugreport/crash.jsp

        bci = 39, c->method()->code_size() = 39

        We are at bci 36, where the jsr bytecode is. Then, we want to step the length of that bytecode forward, i.e. +3, and mark the bci there as a block header. But that is the end of the code, i.e. there is nothing after the jsr.

        I extracted a simple JASM test:

        super public class Test
        {
            public static Method main:"([Ljava/lang/String;)V"
            stack 100 locals 100
            {
                return;
            LABEL:
                nop;
                jsr LABEL; // bci=2. Compute bci + length(jsr) -> bci = 5 accessed, out of bounds.
            }
        }

          1. Test.jasm
            0.2 kB
          2. Test.class
            0.2 kB
          3. hs_err_pid3707675.log
            83 kB

              matsaave Matias Saavedra Silva
              epeter Emanuel Peter
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: