Integrated: 8376491: ZGC: crash in __memset_evex_unaligned_erms when initializing heap using high values for -XX:ConcGCThreads

Guanqiang Han ghan at openjdk.org
Mon Feb 9 21:39:28 UTC 2026


On Wed, 28 Jan 2026 07:21:24 GMT, Guanqiang Han <ghan at openjdk.org> wrote:

> Please review this change. Thanks!
> 
> **Description:**
> 
> This change fixes a crash during ZGC initialization when -XX:ConcGCThreads is set to an extremely large value.
> ZThreadLocalAllocBuffer::initialize() creates a ZPerWorker<ThreadLocalAllocStats>, which uses ZValueStorage::alloc to allocate per-worker storage whose size is related to ConcGCThreads:
> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zThreadLocalAllocBuffer.cpp#L35-L38
> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zValue.hpp#L111
> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zValue.inline.hpp#L125-L127
> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zValue.inline.hpp#L60-L61
> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zValue.inline.hpp#L108-L110
> 
> For very large ConcGCThreads, the calculated block_size becomes huge and os::malloc() inside ZUtils::alloc_aligned_unfreeable() may fail.
> https://github.com/openjdk/jdk/blob/1161a640abe454b47de95ed73452a78535160deb/src/hotspot/share/gc/z/zUtils.inline.hpp#L37-L42
> 
> The current code does not check the returned pointer and unconditionally aligns and memset()s it, which can lead to a segmentation fault.
> 
> **Fix:**
> 
> The fix adds a NULL check after os::malloc() and terminates the VM with a proper OutOfMemoryError message instead of crashing.
> 
> **Test:**
> 
> GHA

This pull request has now been integrated.

Changeset: 07f78779
Author:    Guanqiang Han <ghan at openjdk.org>
Committer: Axel Boldt-Christmas <aboldtch at openjdk.org>
URL:       https://git.openjdk.org/jdk/commit/07f78779e099d2dead74a05acf84ac4c457293b5
Stats:     4 lines in 1 file changed: 3 ins; 0 del; 1 mod

8376491: ZGC: crash in __memset_evex_unaligned_erms when initializing heap using high values for -XX:ConcGCThreads

Reviewed-by: aboldtch, stefank

-------------

PR: https://git.openjdk.org/jdk/pull/29460
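
The failure mode described in the quoted PR text (an unchecked `malloc` result that is aligned and then passed to `memset`) is shown here as an added, stand-alone C++ example; it is not HotSpot code and not the integrated patch. The names `alloc_aligned_checked` and `per_worker_block_size` and the one-slot-per-worker sizing model are assumptions, the helper returns `nullptr` where the actual fix terminates the VM with an out-of-memory message, and the two overflow checks go beyond what the post describes.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <limits>

// Hypothetical helper (not HotSpot code): returns zeroed memory aligned to
// `alignment`, or nullptr when the request cannot be satisfied. As with an
// "unfreeable" allocation, the raw block is kept for the process lifetime.
void* alloc_aligned_checked(size_t alignment, size_t size) {
  // Alignment must be a non-zero power of two for the mask arithmetic below.
  if (alignment == 0 || (alignment & (alignment - 1)) != 0) return nullptr;
  // Padding for alignment must not wrap size_t, or malloc would be asked
  // for a tiny block that the memset below then overruns.
  const size_t pad = alignment - 1;
  if (size > std::numeric_limits<size_t>::max() - pad) return nullptr;

  void* raw = std::malloc(size + pad);
  // The check the fix adds: never align or memset a failed allocation.
  if (raw == nullptr) return nullptr;

  const uintptr_t mask = ~static_cast<uintptr_t>(pad);
  void* aligned = reinterpret_cast<void*>((reinterpret_cast<uintptr_t>(raw) + pad) & mask);
  std::memset(aligned, 0, size);
  return aligned;
}

// Assumed sizing model: one fixed-size slot per worker. Returns false when
// workers * slot_size would overflow size_t.
bool per_worker_block_size(size_t workers, size_t slot_size, size_t* out) {
  if (slot_size != 0 && workers > std::numeric_limits<size_t>::max() / slot_size) return false;
  *out = workers * slot_size;
  return true;
}

int main() {
  size_t bytes = 0;
  // Constructed input: an absurd worker count, as a huge -XX:ConcGCThreads would give.
  if (!per_worker_block_size(std::numeric_limits<size_t>::max() / 2, 4096, &bytes) ||
      alloc_aligned_checked(64, bytes) == nullptr) {
    std::fprintf(stderr, "out of memory allocating per-worker storage\n");
    return 1;
  }
  return 0;
}
```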

