Bug ID: JDK-5088035 hotswap fires assert(0 <= i && i

JDK-5088035 : hotswap fires assert(0 <= i && i < length(),"index out of bounds")

Type: Bug
Component: hotspot
Sub-Component: jvmti
Affected Version: 5.0,6

Priority: P4
Status: Resolved
Resolution: Fixed
OS: generic
CPU: generic

Submitted: 2004-08-17
Updated: 2016-12-12
Resolved: 2005-03-02

Versions (Unresolved/Resolved/Fixed)

The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.

Other	JDK 6
5.0u4Fixed	6 b26Fixed

Related Reports

Duplicate :	JDK-5063021 - protection domain not used in redefine classes
Relates :	JDK-5002251 - potential bug with annotations and class file evolution
Relates :	JDK-8155951 - VM crash in nsk/jvmti/RedefineClasses/StressRedefine: assert failed: Corrupted constant pool
Relates :	JDK-6780119 - hs104t002 fires assert(0 <= i && i < length(),"index out of bounds")
Relates :	JDK-8155673 - Remove constant pool merging for class redefinition
Relates :	JDK-6272221 - assertion failure in ContiguousSpace::block_size after massive number of RedefineClasses
Relates :	JDK-6394084 - Redefine class can't handle addition of 64 bit constants in JDK1.5.0_04
Relates :	JDK-6173565 - RedefineClasses must be fast even when hundreds or thousands of classes are redefined
Relates :	JDK-6173560 - constant pool of redefined class should be safe and high-performance -- make it append only

Description

Name: dd4877			Date: 08/17/2004


###@###.### 2004-08-17

This assertion fails in the following NSK tests:

    nsk/jvmti/scenarios/hotswap/HS101/hs101t004
    nsk/jvmti/scenarios/hotswap/HS101/hs101t006

Here are the two analysis report entries:

New JVMTI_QUICKLOOK failures (from 2004.08.03)
    nsk/jvmti/scenarios/hotswap/HS101/hs101t004
        This test failed on Solaris SPARC-64 and Solaris X86 Server VMs
        due to the following assertion failure:
            Internal Error (src/share/vm/oops/cpCacheOop.hpp, 296)
            assert(0 <= i && i < length(),"index out of bounds")
                                                                                
        Update: I found the following two bugs with the same assert()
            failure:
                5065314 3/4 ShouldNotReachHere in xmlstream
                            -XX:+PrintOptoAssembly -XX:CompileThreshold=2
                5065316 3/4 Running with -XX:+CIPrintMethodCodes and
                            -XX:CompileThreshold=2 crashes
            I've pinged John Rose about the failure, but no response yet.
        Update: Here's John's response:
            The assert will happen whenever a garbage constant pool
            index  is retrieved from the bytecode stream.  This in turn
            often happens  because a methodOop is moved by the GC and
            the interpreter keeps some  sort of dangling pointer at the
            old address.  If you trace back in a  core file, you might
            find that the offending value of 'i' is two bytes  out of
            the middle of a pointer, or some other random thing.
        Update: based on John's response, I think we have a different bug
            than the two I mentioned above.
        Update: This test has the following failure distribution from
            2004.07.30 -> 2004.08.09:
                1 ClientVM-comp-Solsparc
                3 ClientVM-comp-solx86
                3 ServerVM-comp-64BITLINUX-AMD64
                4 ServerVM-comp-64BITSOLSPARC
                1 ServerVM-comp-linux-i386
                5 ServerVM-comp-solx86

New JVMTI_QUICKLOOK failures (from 2004.08.16)
*   nsk/jvmti/scenarios/hotswap/HS101/hs101t006
        This test failed the following assertion on Solaris SPARC-64
        Server VM:
            Internal Error (src/share/vm/oops/cpCacheOop.hpp, 296
            Error: assert(0 <= i && i < length(),"index out of bounds")
        This is the same error that we see with hs101t004 (see below).



======================================================================

This bug is also observed in the attached many.zip program which does not crash but gives incorrect results when run on "ntk" a Solaris Opteron box --

98 WS_C - ntk: tests/redefmany] /java/re/jdk/1.5.0/promoted/fcs/b64/binaries/solaris-i586/bin/java
-agentlib:test test
encourageCompilation
foo99
encourageCompilation
99 WS_C - ntk: tests/redefmany] /java/re/jdk/1.5.0/promoted/fcs/b64/binaries/solaris-i586/bin/java
-agentlib:test test
encourageCompilation
foo99
encourageCompilation
Wrong value returned by static function 4, redefinition 1, cmd 1, expected 305419896, got 305419897
Wrong value returned by static function 6, redefinition 1, cmd 1, expected 305419896, got 305419897
100 WS_C - ntk: tests/redefmany] /java/re/jdk/1.5.0/promoted/fcs/b64/binaries/solaris-i586/bin/java -agentlib:test test
encourageCompilation
foo99
encourageCompilation
Wrong value returned by static function 0, redefinition 1, cmd 1, expected 305419896, got 305419898
Wrong value returned by static function 4, redefinition 1, cmd 1, expected 305419896, got 305419897
Wrong value returned by static function 5, redefinition 1, cmd 1, expected 305419896, got 305419897
Wrong value returned by static function 6, redefinition 1, cmd 1, expected 305419896, got 305419897
101 WS_C - ntk: tests/redefmany] /java/re/jdk/1.5.0/promoted/fcs/b64/binaries/solaris-i586/bin/java -agentlib:test test
encourageCompilation
foo99
encourageCompilation
Wrong value returned by static function 4, redefinition 1, cmd 1, expected 305419896, got 305419897
Wrong value returned by static function 6, redefinition 1, cmd 1, expected 305419896, got 305419897
102 WS_C - ntk: tests/redefmany] /java/re/jdk/1.5.0/promoted/fcs/b64/binaries/solaris-i586/bin/java -agentlib:test test
encourageCompilation
foo99
encourageCompilation
103 WS_C - ntk: tests/redefmany] /java/re/jdk/1.5.0/promoted/fcs/b64/binaries/solaris-i586/bin/java -agentlib:test test
encourageCompilation
foo99
encourageCompilation
Wrong value returned by static function 1, redefinition 1, cmd 1, expected 305419896, got 305419897
Wrong value returned by static function 5, redefinition 1, cmd 1, expected 305419896, got 305419897
Wrong value returned by static function 6, redefinition 1, cmd 1, expected 305419896, got 305419897

-Robert
###@###.### 10/28/04 04:01 GMT

This assertion failed in the gc_baseline nightly testing
for 

nsk/jvmti/scenarios/hotswap/HS101/hs101t005

on 02/20/2005 in the server, solx86, ParallelGC
###@###.### 2005-2-23 04:53:34 GMT

Comments

Without constant pool merging, the bug in get_method() is that it gets the constant pool of the original klass and not the constant pool of the method, which might be an older constant pool. This broke again with invokedynamic because even though the constant pool is rewritten, the cache isn't and the old methods bytecodes point to the cpCache. The cpCache created with the merged constant pool will not itself be equivalent to a merged cpCache because invokedynamic adds entries to the end of the cpCache. The fix for JDK-8155951 helps this because it locks constant pool merging and makes sure that the right constant pool is used for compiling an old method, BUT does not completely solve the problem. The only thing that can really solve this problem is adding the concept of cpCache merging (not sure if that's entirely possible), or remove constant pool merging.
12-12-2016
SUGGESTED FIX The solution for this bug is to introduce the concept of constant pool merging so that a constant pool never shrinks in size. This bug was fixed as part of a batch of JFluid/RedefineClasses fixes targeted for a Tiger-Update release. Please see the attached jfluid-merge-update4-full-webrev.tar.Z for the complete set of changes in the batch. ###@###.### 2005-2-25 22:09:08 GMT
25-02-2005
EVALUATION Name: dd4877 Date: 09/09/2004 daniel.daugherty@Sun 2004-09-09 hs101t004 uses the NSK HotSwap agent. The agent enables the CLASS_FILE_LOAD_HOOK event and uses it to cache a copy the classes in the specified package. For hs101t004, the package is "nsk" and 14 "target" classes are cached. The agent starts a "background" thread that prepares modified versions of the cached classes. For hs101t004, we instrument each method in the target classes to count the number of method calls. The background thread drops into a loop and redefines the target classes. The loop uses a flag to alternate between the original bytecodes and the instrumented bytecodes. So hs101t004 stress tests the RedefineClasses() API by asynchronously swapping back and forth between original and modified bytecodes for a specified number of times (100 in this case). It is during the stress testing that the assertion fires. There appears to be a race between the compilation subsystems (C1 and C2) and the RedefineClasses() API. Specifically, the modified bytecodes are being compiled by C1 or C2 when RedefineClasses() switches back to the original bytecodes. The compiler (C1 or C2) runs into a constant pool index that is valid for the modified bytecodes, but is not valid for the original bytecodes. ======================================================================
10-09-2004
PUBLIC COMMENTS Name: dd4877 Date: 08/17/2004 . ======================================================================
10-09-2004