RFR: 8376491: ZGC: crash in __memset_evex_unaligned_erms when initializing heap using high values for -XX:ConcGCThreads

Guanqiang Han ghan at openjdk.org
Tue Feb 3 11:52:27 UTC 2026


On Tue, 3 Feb 2026 06:22:51 GMT, Axel Boldt-Christmas <aboldtch at openjdk.org> wrote:

>> Please review this change. Thanks!
>> 
>> **Description:**
>> 
>> This change fixes a crash during ZGC initialization when -XX:ConcGCThreads is set to an extremely large value.
>> ZThreadLocalAllocBuffer::initialize() creates a ZPerWorker<ThreadLocalAllocStats>, which uses ZValueStorage::alloc to allocate per-worker storage whose size is related to ConcGCThreads.
>> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zThreadLocalAllocBuffer.cpp#L35-L38
>> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zValue.hpp#L111
>> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zValue.inline.hpp#L125-L127
>> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zValue.inline.hpp#L60-L61
>> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zValue.inline.hpp#L108-L110
>> 
>> For very large ConcGCThreads, the calculated block_size becomes huge and os::malloc() inside ZUtils::alloc_aligned_unfreeable() may fail.
>> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zUtils.inline.hpp#L37-L42
>> 
>> The current code does not check the returned pointer and unconditionally aligns and memset()s it, which can lead to a segmentation fault.
>> 
>> **Fix:**
>> 
>> The fix adds a NULL check after os::malloc() and terminates the VM with a proper OutOfMemoryError message instead of crashing.
>> 
>> **Test:**
>> 
>> GHA
>
> test/hotspot/jtreg/gc/z/TestZValueStorageAlloc.java line 46:
> 
>> 44:         output.shouldNotContain("# A fatal error has been detected by the Java Runtime Environment");
>> 45:     }
>> 46: }
> 
> Suggestion:
> 
> }

Hi @xmas92 @stefank, thanks for the feedback.
On my side the regression test doesn’t seem particularly slow, and it also runs reasonably fast in the current GitHub Actions jobs. That said, I understand it can be much slower on some machines/environments.
If you feel it doesn’t add much value, I’m happy to drop the regression test.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/29460#discussion_r2758689485
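
The failure mode in the quoted description (an allocation sized by the worker count, then aligned and zeroed without checking the returned pointer) can be shown in a small C++ sketch. This is an added example, not part of the message and not HotSpot code: `block_size`, `alloc_aligned_checked`, `Block` and `failing_malloc` are hypothetical names, and the sketch returns the failure to the caller, where the fix described above exits the VM with an out-of-memory message.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <cstring>

using malloc_fn = void* (*)(size_t);

// Constructed allocator that always fails, simulating os::malloc() returning
// NULL for a huge request.
void* failing_malloc(size_t) { return nullptr; }

struct Block {
  void* raw;      // pointer to pass to free()
  void* aligned;  // zeroed, aligned start; nullptr if allocation failed
};

// Hypothetical per-worker sizing: total bytes grow linearly with worker count.
// Returns false if workers * per_worker would overflow size_t.
bool block_size(size_t workers, size_t per_worker, size_t* out) {
  if (per_worker != 0 && workers > SIZE_MAX / per_worker) return false;
  *out = workers * per_worker;
  return true;
}

// Allocate, align up and zero 'size' bytes. 'alignment' must be a power of two.
Block alloc_aligned_checked(size_t alignment, size_t size, malloc_fn alloc = std::malloc) {
  Block b = {nullptr, nullptr};
  if (alignment == 0 || (alignment & (alignment - 1)) != 0) return b;
  if (size > SIZE_MAX - (alignment - 1)) return b;  // padding would overflow
  b.raw = alloc(size + alignment - 1);
  if (b.raw == nullptr) return b;  // the check the description says was missing
  uintptr_t addr = reinterpret_cast<uintptr_t>(b.raw);
  addr = (addr + alignment - 1) & ~(static_cast<uintptr_t>(alignment) - 1);
  b.aligned = reinterpret_cast<void*>(addr);
  std::memset(b.aligned, 0, size);  // reached only with a valid pointer
  return b;
}

int main() {
  size_t bytes = 0;
  if (!block_size(SIZE_MAX / 2, 64, &bytes)) std::puts("size overflow rejected");
  Block b = alloc_aligned_checked(64, 4096, failing_malloc);
  std::puts(b.aligned == nullptr ? "allocation failure reported" : "allocated");
  std::free(b.raw);
  return b.aligned == nullptr ? 0 : 1;
}
```

Without the `nullptr` check, the align-up step turns a NULL return into a small non-NULL address and `memset` faults on it, which matches the crash inside a memset routine named in the subject line.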

