rkennke · October 6, 2020 14:57
diff --git a/gistfile1.txt b/gistfile1.txt
    0x00007f2f2cb7650f:   mov    0x10(%rbx),%rbp       <==== Reference.get()
  0x00007f2f2cb76513:   testb  $0x1,0x20(%r15)
  0x00007f2f2cb76518:   jne    0x00007f2f2cb76c42      <==== LRB may turn rbp into NULL
  0x00007f2f2cb7651e:   mov    %rbp,%r12               <==== copy rbp (possibly NULL) to r12
  0x00007f2f2cb76521:   testb  $0x2,0x20(%r15)
  0x00007f2f2cb76526:   jne    0x00007f2f2cb76c61      <==== keep-alive barrier
  0x00007f2f2cb7652c:   mov    0x50(%rsp),%r10
  0x00007f2f2cb76531:   cmp    %r12,%r10               
  0x00007f2f2cb76534:   jne    0x00007f2f2cb76562      <====  Not sure what that is, but branches to crashing subroutine, with r12 still NULL
  0x00007f2f2cb76536:   mov    0x38(%rbx),%r10
  0x00007f2f2cb7653a:   mov    %r10,0x60(%rsp)
  0x00007f2f2cb7653f:   testb  $0x1,0x20(%r15)
  0x00007f2f2cb76544:   jne    0x00007f2f2cb76c8d
  0x00007f2f2cb7654a:   mov    0x60(%rsp),%rax
  0x00007f2f2cb7654f:   add    $0x80,%rsp
  0x00007f2f2cb76556:   pop    %rbp
  0x00007f2f2cb76557:   mov    0x110(%r15),%r10
  0x00007f2f2cb7655e:   test   %eax,(%r10)                  ;   {poll_return}
  0x00007f2f2cb76561:   retq   
 0x00007f2f2cb76562:   movabs $0x7f2b3f433eb0,%r10         ;   {metadata('com/sun/tools/javac/code/Types$CandidatesCache$Entry')}
  0x00007f2f2cb7656c:   mov    0x58(%rsp),%r11
  0x00007f2f2cb76571:   cmp    %r10,%r11
  0x00007f2f2cb76574:   jne    0x00007f2f2cb770b0
  0x00007f2f2cb7657a:   test   %rbp,%rbp
  0x00007f2f2cb7657d:   je     0x00007f2f2cb765ad
  0x00007f2f2cb7657f:   mov    0x8(%r12),%r11                <==== BOOM

 Registers:
 RAX=0x0000000000000000, RBX=0x00007f2f176e90c8, RCX=0x0000000000000004, RDX=0x00007f2f3c3e8380
 RSP=0x00007f2c5888b700, RBP=0x00007f2cc6c9b910, RSI=0x00000000002ec9b9, RDI=0x00007f2f3c3e7250
 R8 =0x00007f2f176e8eb0, R9 =0x00007f2f176e90c8, R10=0x00007f2b3f433eb0, R11=0x00007f2b3f433eb0
 R12=0x0000000000000000, R13=0x000000000002ae2e, R14=0x00007f2db186fc30, R15=0x00007f2f3c3e7250
 RIP=0x00007f2f2cb7657f, EFLAGS=0x0000000000010202, CSGSFS=0x002b000000000033, ERR=0x0000000000000004
  TRAPNO=0x000000000000000e

 full hserr:
 http://cr.openjdk.java.net/~rkennke/hs_err_pid110730.log
	0x00007f2f2cb7650f: mov 0x10(%rbx),%rbp <==== Reference.get()
	0x00007f2f2cb76513: testb $0x1,0x20(%r15)
	0x00007f2f2cb76518: jne 0x00007f2f2cb76c42 <==== LRB may turn rbp into NULL
	0x00007f2f2cb7651e: mov %rbp,%r12 <==== copy rbp (possibly NULL) to r12
	0x00007f2f2cb76521: testb $0x2,0x20(%r15)
	0x00007f2f2cb76526: jne 0x00007f2f2cb76c61 <==== keep-alive barrier
	0x00007f2f2cb7652c: mov 0x50(%rsp),%r10
	0x00007f2f2cb76531: cmp %r12,%r10
	0x00007f2f2cb76534: jne 0x00007f2f2cb76562 <==== Not sure what that is, but branches to crashing subroutine, with r12 still NULL
	0x00007f2f2cb76536: mov 0x38(%rbx),%r10
	0x00007f2f2cb7653a: mov %r10,0x60(%rsp)
	0x00007f2f2cb7653f: testb $0x1,0x20(%r15)
	0x00007f2f2cb76544: jne 0x00007f2f2cb76c8d
	0x00007f2f2cb7654a: mov 0x60(%rsp),%rax
	0x00007f2f2cb7654f: add $0x80,%rsp
	0x00007f2f2cb76556: pop %rbp
	0x00007f2f2cb76557: mov 0x110(%r15),%r10
	0x00007f2f2cb7655e: test %eax,(%r10) ; {poll_return}
	0x00007f2f2cb76561: retq
	0x00007f2f2cb76562: movabs $0x7f2b3f433eb0,%r10 ; {metadata('com/sun/tools/javac/code/Types$CandidatesCache$Entry')}
	0x00007f2f2cb7656c: mov 0x58(%rsp),%r11
	0x00007f2f2cb76571: cmp %r10,%r11
	0x00007f2f2cb76574: jne 0x00007f2f2cb770b0
	0x00007f2f2cb7657a: test %rbp,%rbp
	0x00007f2f2cb7657d: je 0x00007f2f2cb765ad
	0x00007f2f2cb7657f: mov 0x8(%r12),%r11 <==== BOOM

	Registers:
	RAX=0x0000000000000000, RBX=0x00007f2f176e90c8, RCX=0x0000000000000004, RDX=0x00007f2f3c3e8380
	RSP=0x00007f2c5888b700, RBP=0x00007f2cc6c9b910, RSI=0x00000000002ec9b9, RDI=0x00007f2f3c3e7250
	R8 =0x00007f2f176e8eb0, R9 =0x00007f2f176e90c8, R10=0x00007f2b3f433eb0, R11=0x00007f2b3f433eb0
	R12=0x0000000000000000, R13=0x000000000002ae2e, R14=0x00007f2db186fc30, R15=0x00007f2f3c3e7250
	RIP=0x00007f2f2cb7657f, EFLAGS=0x0000000000010202, CSGSFS=0x002b000000000033, ERR=0x0000000000000004
	TRAPNO=0x000000000000000e

	full hserr:
	http://cr.openjdk.java.net/~rkennke/hs_err_pid110730.log
No results found