RFR: 8376491: ZGC: crash in __memset_evex_unaligned_erms when initializing heap using high values for -XX:ConcGCThreads [v2]
Stefan Karlsson
stefank at openjdk.org
Mon Feb 9 21:39:25 UTC 2026
On Mon, 9 Feb 2026 09:48:04 GMT, Guanqiang Han <ghan at openjdk.org> wrote:
>> Please review this change. Thanks!
>>
>> **Description:**
>>
>> This change fixes a crash during ZGC initialization when -XX:ConcGCThreads is set to an extremely large value.
>> ZThreadLocalAllocBuffer::initialize() creates a ZPerWorker<ThreadLocalAllocStats>, which uses ZValueStorage::alloc to allocate per-worker storage whose size is related to ConcGCThreads.
>> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zThreadLocalAllocBuffer.cpp#L35-L38
>> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zValue.hpp#L111
>> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zValue.inline.hpp#L125-L127
>> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zValue.inline.hpp#L60-L61
>> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zValue.inline.hpp#L108-L110
>>
>> For very large ConcGCThreads, the calculated block_size becomes huge and os::malloc() inside ZUtils::alloc_aligned_unfreeable() may fail.
>> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zUtils.inline.hpp#L37-L42
>>
>> The current code does not check the returned pointer and unconditionally aligns and memset()s it, which can lead to a segmentation fault.
>>
>> **Fix:**
>>
>> The fix adds a NULL check after os::malloc() and terminates the VM with a proper OutOfMemoryError message instead of crashing.
>>
>> **Test:**
>>
>> GHA
>
> Guanqiang Han has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains four additional commits since the last revision:
>
> - Drop regression test
> - Merge remote-tracking branch 'upstream/master' into 8376491
> - fix test func
> - fix bug 8376491
Marked as reviewed by stefank (Reviewer).
-------------
PR Review: https://git.openjdk.org/jdk/pull/29460#pullrequestreview-3772124479
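
The failure mode described in the quoted PR text (an unchecked allocation result that is aligned and then passed to memset()) is shown below as an added example; it is not part of the original message and is not HotSpot code. The names `RawAlloc`, `failing_alloc`, `per_worker_block_size` and `alloc_aligned_checked` are hypothetical, std::malloc stands in for os::malloc(), and the wrap-around checks go beyond the NULL check the PR describes.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <cstring>

// Hypothetical stand-in for an allocation hook such as os::malloc().
using RawAlloc = void* (*)(size_t);

// Constructed allocator that always fails, modelling malloc() returning NULL.
static void* failing_alloc(size_t) { return nullptr; }

// Bytes needed for `workers` slots of `slot_size`; false if the product wraps.
static bool per_worker_block_size(size_t slot_size, size_t workers, size_t* out) {
  if (slot_size != 0 && workers > SIZE_MAX / slot_size) return false;
  *out = slot_size * workers;
  return true;
}

// Returns `size` zeroed bytes aligned to `alignment` (a power of two), or
// nullptr without touching memory when the request cannot be satisfied.
static void* alloc_aligned_checked(size_t alignment, size_t size,
                                   RawAlloc raw_alloc = std::malloc) {
  if (alignment == 0 || (alignment & (alignment - 1)) != 0) return nullptr;
  const size_t padding = alignment - 1;
  if (size > SIZE_MAX - padding) return nullptr;  // size + padding would wrap
  void* const raw = raw_alloc(size + padding);
  if (raw == nullptr) return nullptr;  // without this, the memset below faults
  const uintptr_t mask = ~static_cast<uintptr_t>(padding);
  void* const aligned = reinterpret_cast<void*>((reinterpret_cast<uintptr_t>(raw) + padding) & mask);
  std::memset(aligned, 0, size);
  return aligned;  // raw pointer is dropped: the block is never freed
}

int main() {
  size_t bytes = 0;
  // Constructed inputs: 64-byte slots for 8 workers, then a failing allocator.
  if (!per_worker_block_size(64, 8, &bytes)) return 1;
  void* ok = alloc_aligned_checked(64, bytes);
  void* bad = alloc_aligned_checked(64, bytes, failing_alloc);
  std::printf("ok=%s bad=%s\n", ok ? "allocated" : "null", bad ? "allocated" : "null");
  if (bad == nullptr) std::fprintf(stderr, "allocation failed: exit cleanly instead of crashing\n");
  return ok != nullptr && bad == nullptr ? 0 : 1;
}
```

A caller that cannot continue without the storage would turn the nullptr result into a controlled exit with an out-of-memory message, which is the behaviour the PR describes for the VM.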