--- old/src/jdk.jdwp.agent/share/native/libjdwp/invoker.c	2016-09-19 08:44:24.092214851 -0400
+++ new/src/jdk.jdwp.agent/share/native/libjdwp/invoker.c	2016-09-19 08:44:22.197577421 -0400
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -343,6 +343,35 @@
     debugMonitorExit(invokerLock);
 }
 
+/*
+ * Check that method is in the specified clazz or one of its super classes.
+ * We have to enforce this check at the JDWP layer because the JNI layer
+ * has different requirements.
+ */
+static jvmtiError check_methodClass(JNIEnv *env, jclass clazz, jmethodID method)
+{
+    jclass containing_class;
+    jvmtiError error;
+
+    error = JVMTI_FUNC_PTR(gdata->jvmti,GetMethodDeclaringClass)
+                (gdata->jvmti, method, &containing_class);
+    if (error != JVMTI_ERROR_NONE) {
+        return JVMTI_ERROR_NONE;  /* Bad jmethodID ?  This will be handled elsewhere */
+    }
+
+    if (JNI_FUNC_PTR(env,IsSameObject)(env, clazz, containing_class)) {
+        return JVMTI_ERROR_NONE;
+    }
+
+    // If not the same class then check that containing_class is a super type of
+    // clazz and not an interface (hence it's a super class).
+    if (JNI_FUNC_PTR(env,IsAssignableFrom)(env, clazz, containing_class) &&
+        referenceTypeTag(containing_class) != JDWP_TYPE_TAG(INTERFACE)) {
+        return JVMTI_ERROR_NONE;
+    }
+    return JVMTI_ERROR_INVALID_METHODID;
+}
+
 jvmtiError
 invoker_requestInvoke(jbyte invokeType, jbyte options, jint id,
                       jthread thread, jclass clazz, jmethodID method,
@@ -353,6 +382,13 @@
     InvokeRequest *request;
     jvmtiError error = JVMTI_ERROR_NONE;
 
+    if (invokeType == INVOKE_STATIC) {
+        error = check_methodClass(env, clazz, method);
+        if (error != JVMTI_ERROR_NONE) {
+            return error;
+        }
+    }
+
     debugMonitorEnter(invokerLock);
     request = threadControl_getInvokeRequest(thread);
     if (request != NULL) {
--- old/test/com/sun/jdi/InterfaceMethodsTest.java	2016-09-19 08:44:40.608269662 -0400
+++ new/test/com/sun/jdi/InterfaceMethodsTest.java	2016-09-19 08:44:38.895773918 -0400
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -197,14 +197,20 @@
         // invoke interface static method A
         testInvokePos(ifaceClass, null, "staticMethodA", "()I", vm().mirrorOf(RESULT_A));
 
-        // try to invoke static method A on the instance
-        testInvokePos(ifaceClass, ref, "staticMethodA", "()I", vm().mirrorOf(RESULT_A));
+        // try to invoke static method A on the instance. This should fail because ref
+        // is of type InterfacemethodsTest$TargetClass which is not a subtype of the
+        // class containing staticMethodA.
+        testInvokeNeg(ifaceClass, ref, "staticMethodA", "()I", vm().mirrorOf(RESULT_A),
+                "Invalid MethodID");
 
         // invoke interface static method B
         testInvokePos(ifaceClass, null, "staticMethodB", "()I", vm().mirrorOf(RESULT_A));
 
-        // try to invoke static method B on the instance
-        testInvokePos(ifaceClass, ref, "staticMethodB", "()I", vm().mirrorOf(RESULT_A));
+        // try to invoke static method B on the instance. This should fail because ref
+        // is of type InterfacemethodsTest$TargetClass which is not a subtype of the
+        // class containing staticMethodB.
+        testInvokeNeg(ifaceClass, ref, "staticMethodB", "()I", vm().mirrorOf(RESULT_A),
+                "Invalid MethodID");
 
         // try to invoke a virtual method
         testInvokePos(ifaceClass, ref, "implementedMethod", "()I", vm().mirrorOf(RESULT_A), true);
@@ -247,13 +253,19 @@
         testInvokePos(ifaceClass, null, "staticMethodB", "()I", vm().mirrorOf(RESULT_B));
 
         // the instance invokes the overriden form of "staticMethodB" from InterfaceB
-        testInvokePos(ifaceClass, ref, "staticMethodB", "()I", vm().mirrorOf(RESULT_B));
+        // This should fail because ref is of type InterfacemethodsTest$TargetClass
+        // which is not a subtype of the class containing staticMethodB.
+        testInvokeNeg(ifaceClass, ref, "staticMethodB", "()I", vm().mirrorOf(RESULT_B),
+                "Invalid MethodID");
 
         // "staticMethodC" is present only in InterfaceB
         testInvokePos(ifaceClass, null, "staticMethodC", "()I", vm().mirrorOf(RESULT_B));
 
-        // "staticMethodC" should be reachable from the instance too
-        testInvokePos(ifaceClass, ref, "staticMethodC", "()I", vm().mirrorOf(RESULT_B));
+        // "staticMethodC" should not be reachable from the instance because ref is of
+        // type InterfacemethodsTest$TargetClass which is not a subtype of the class
+        // containing staticMethodC.
+        testInvokeNeg(ifaceClass, ref, "staticMethodC", "()I", vm().mirrorOf(RESULT_B),
+                "Invalid MethodID");
     }
 
     private void testImplementationClass(ReferenceType targetClass, ObjectReference thisObject) {