Welcome!

Microservices Expo Authors: Stackify Blog, Aruna Ravichandran, Dalibor Siroky, Kevin Jackson, PagerDuty Blog

Related Topics: @CloudExpo, Java IoT, Containers Expo Blog

@CloudExpo: Blog Feed Post

How Memory Leaks Happen in a Java Application | @CloudExpo #JVM #Java #Virtualization

One of the core benefits of Java is the JVM, which is an out-of-the-box memory management

How Memory Leaks Happen in a Java Application
By Eugen Paraschiv

Introduction to Memory Leaks In Java Apps
One of the core benefits of Java is the JVM, which is an out-of-the-box memory management. Essentially, we can create objects and the Java Garbage Collector will take care of allocating and freeing up memory for us.

Nevertheless, memory leaks can still occur in Java applications.

In this article, we're going to describe the most common memory leaks, understand their causes, and look at a few techniques to detect/avoid them. We're also going to use the Java YourKit profiler throughout the article, to analyze the state of our memory at runtime.

1. What is a Memory Leak in Java?
The standard definition of a memory leak is a scenario that occurs when objects are no longer being used by the application, but the Garbage Collector is unable to remove them from working memory - because they're still being referenced. As a result, the application consumes more and more resources - which eventually leads to a fatal OutOfMemoryError.

For a better understanding of the concept, here's a simple visual representation:

How memory leaks happen in Java

As we can see, we have two types of objects - referenced and unreferenced; the Garbage Collector can remove objects that are unreferenced. Referenced objects won't be collected, even if they're actually not longer used by the application.

Detecting memory leaks can be difficult. A number of tools perform static analysis to determine potential leaks, but these techniques aren't perfect because the most important aspect is the actual runtime behavior of the running system.

So, let's have a focused look at some of the standard practices of preventing memory leaks, by analyzing some common scenarios.

2. Java Heap Leaks
In this initial section, we're going to focus on the classic memory leak scenario - where Java objects are continuously created without being released.

An advantageous technique to understand these situations is to make reproducing a memory leak easier by setting a lower size for the Heap. That's why, when starting our application, we can adjust the JVM to suit our memory needs:

-Xms<size>

-Xmx<size>

These parameters specify the initial Java Heap size as well as the maximum Heap size.

2.1. Static Field Holding On to the Object Reference
The first scenario that might cause a Java memory leak is referencing a heavy object with a static field.

Let's have a look at a quick example:

private Random random = new Random();
public static final ArrayList<Double> list = new ArrayList<Double>(1000000);

@Test
public void givenStaticField_whenLotsOfOperations_thenMemoryLeak() throws InterruptedException {
for (int i = 0; i < 1000000; i++) {
list.add(random.nextDouble());
}

System.gc();
Thread.sleep(10000); // to allow GC do its job
}

We created our ArrayList as a static field - which will never be collected by the JVM Garbage Collector during the lifetime of the JVM process, even after the calculations it was used for are done. We also invoked Thread.sleep(10000) to allow the GC to perform a full collection and try to reclaim everything that can be reclaimed.

Let's run the test and analyze the JVM with our profiler:

Java static memory leak

Notice how, at the very beginning, all memory is, of course, free.

Then, in just 2 seconds, the iteration process runs and finishes - loading everything into the list (naturally this will depend on the machine you're running the test on).

After that, a full garbage collection cycle is triggered, and the test continues to execute, to allow this cycle time to run and finish. As you can see, the list is not reclaimed and the memory consumption doesn't go down.

Let's now see the exact same example, only this time, the ArrayList isn't referenced by a static variable. Instead, it's a local variable that gets created, used and then discarded:

@Test
public void givenNormalField_whenLotsOfOperations_thenGCWorksFine() throws InterruptedException {
addElementsToTheList();
System.gc();
Thread.sleep(10000); // to allow GC do its job
}

private void addElementsToTheList(){
ArrayList<Double> list = new ArrayList<Double>(1000000);
for (int i = 0; i < 1000000; i++) {
list.add(random.nextDouble());
}
}

Once the method finishes its job, we'll observe the major GC collection, around 50th second on the image below:

Java static no memory leak

Notice how the GC is now able to reclaim some of the memory utilized by the JVM.

How to prevent it?
Now that you understand the scenario, there are of course ways to prevent it from occurring.

First, we need to pay close attention to our usage of static; declaring any collection or heavy object as static ties its lifecycle to the lifecycle of the JVM itself, and makes the entire object graph impossible to collect.

We also need to be aware of collections in general - that's a common way to unintentionally hold on to references for longer than we need to.

2.2. Calling String.intern() on Long String
The second group of scenarios that frequently causes memory leaks involves String operations - specifically the String.intern() API.

Let's have a look at a quick example:

@Test
public void givenLengthString_whenIntern_thenOutOfMemory()
throws IOException, InterruptedException {
Thread.sleep(15000);

String str
= new Scanner(new File("src/test/resources/large.txt"), "UTF-8")
.useDelimiter("\\A").next();
str.intern();

System.gc();
Thread.sleep(15000);
}

Here, we simply try to load a large text file into running memory and then return a canonical form, using .intern().

The intern API will place the str String in the JVM memory pool - where it can't be collected - and again, this will cause the GC to be unable to free up enough memory:

Java String intern memory leak

We can clearly see that in the first 15th seconds JVM is stable, then we load the file and JVM perform garbage collection (20th second).

Finally, the str.intern() is invoked, which leads to the memory leak - the stable line indicating high heap memory usage, which will never be released.

How to prevent it?
Please remember that interned String objects are stored in PermGen space - if our application is intended to perform a lot of operations on large strings, we might need to increase the size of the permanent generation:

-XX:MaxPermSize=<size>

The second solution is to use Java 8 - where the PermGen space is replaced by the Metaspace - which won't lead to any OutOfMemoryError when using intern on Strings:

Finally, there are also several options of avoiding the .intern() API on Strings as well.

2.3. Unclosed Streams
Forgetting to close a stream is a very common scenario, and certainly, one that most developers can relate to. The problem was partially removed in Java 7 when the ability to automatically close all types of streams was introduced into the try-with-resource clause.

Why partially? Because the try-with-resources syntax is optional:

@Test(expected = OutOfMemoryError.class)
public void givenURL_whenUnclosedStream_thenOutOfMemory()
throws IOException, URISyntaxException {
String str = "";
URLConnection conn
= new URL("http://norvig.com/big.txt").openConnection();
BufferedReader br = new BufferedReader(
new InputStreamReader(conn.getInputStream(), StandardCharsets.UTF_8));

while (br.readLine() != null) {
str += br.readLine();
}

//
}

Let's see how the memory of the application looks when loading a large file from an URL:

Java unclosed streams memory leak

As we can see, the heap usage is gradually increasing over time - which is the direct impact of the memory leak caused by not closing the stream.

How to prevent it?
We always need to remember to close streams manually, or to make a use of the auto-close feature introduced in Java 8:

try (BufferedReader br = new BufferedReader(
new InputStreamReader(conn.getInputStream(), StandardCharsets.UTF_8))) {
// further implementation
} catch (IOException e) {
e.printStackTrace();
}

In this case, the BufferedReader will be automatically closed at the end of the try statement, without the need to close it in an explicit finally block.

2.4. Unclosed Connections
This scenario is quite similar to the previous one, with the primary difference of dealing with unclosed connections (e.g. to a database, to an FTP server, etc.). Again, improper implementation can do a lot of harm, leading to memory problems.

Let's see a quick example:

@Test(expected = OutOfMemoryError.class)
public void givenConnection_whenUnclosed_thenOutOfMemory()
throws IOException, URISyntaxException {

URL url = new URL("ftp://speedtest.tele2.net");
URLConnection urlc = url.openConnection();
InputStream is = urlc.getInputStream();
String str = "";

//
}

The URLConnection remains open, and the result is, predictably, a memory leak:

Java unclosed connections memory leak

Notice how the Garbage Collector cannot do anything to release unused, but referenced memory. The situation is immediately clear after the 1st minute - the number of GC operations rapidly decreases, causing increased Heap memory use, which leads to the OutOfMemoryError.

How to prevent it?
The answer here is simple - we need to always close connections in a disciplined manner.

2.5. Adding Objects with no hashCode() and equals() into a HashSet
A simple but very common example that can lead to a memory leak is to use a HashSet with objects that are missing their hashCode() or equals() implementations.

Specifically, when we start adding duplicate objects into a Set - this will only ever grow, instead of ignoring duplicates as it should. We also won't be able to remove these objects, once added.

Let's create a simple class without either equals or hashCode:

public class Key {
public String key;

public Key(String key) {
Key.key = key;
}
}

Now, let's see the scenario:

@Test(expected = OutOfMemoryError.class)
public void givenMap_whenNoEqualsNoHashCodeMethods_thenOutOfMemory()
throws IOException, URISyntaxException {
Map<Object, Object> map = System.getProperties();
while (true) {
map.put(new Key("key"), "value");
}
}

This simple implementation will lead to the following scenario at runtime:

Java no hascode equals memory leak

Notice how the garbage collector stopped being able to reclaim memory around 1:40, and notice the memory leak; the number of GC collections dropped almost four times immediately after.

How to prevent it?
In these situations, the solution is simple - it's crucial to provide the hashCode() and equals() implementations.

One tool worth mentioning here is Project Lombok - this provides a lot of default implementation by annotations, e.g. @EqualsAndHashCode.

3. How to Find Leaking Sources in Your Application
Diagnosing memory leaks is a lengthy process that requires a lot of practical experience, debugging skills and detailed knowledge of the application.

Let's see which techniques can help you in addition to standard profiling.

3.1. Verbose Garbage Collection
One of the quickest ways to identify a memory leak is to enable verbose garbage collection.

By adding the -verbose:gc parameter to the JVM configuration of our application, we're enabling a very detailed trace of GC. Summary reports are shown in default error output file, which should help you understand how your memory is being managed.

3.2. Do Profiling
The second technique is the one we've been using throughout this article - and that's profiling. The most popular profiler is Visual VM - which is a good place to start moving past command-line JDK tools and into lightweight profiling.

In this article, we used another profiler - YourKit - which has some additional, more advanced features compared to Visual VM.

3.3. Review Your Code
Finally, this is more of a general good practice than a specific technique to deal with memory leaks.

Simply put - review your code thoroughly, practice regular code reviews and make good use of static analysis tools to help you understand your code and your system.

Conclusion
In this tutorial, we had a practical look at how memory leaks happen on the JVM. Understanding how these scenarios happen is the first step in the process of dealing with them.

Then, having the techniques and tools to really see what's happening at runtime, as the leak occurs, is critical as well. Static analysis and careful code-focused reviews can only do so much, and - at the end of the day - it's the runtime that will show you the more complex leaks that aren't immediately identifiable in the code.

Finally, leaks can be notoriously hard to find and reproduce because many of them only happen under intense load, which generally happens in production. This is where you need to go beyond code-level analysis and work on two main aspects - reproduction and early detection.

The best and most reliable way to reproduce memory leaks is to simulate the usage patterns of a production environment as close as possible, with the help of a good suite of performance tests.

And early detection is where a solid performance management solution and even an early detection solution can make a significant difference, as it's the only way to have the necessary insight into the runtime of your application in production.

The full implementation of this tutorial can be found over on GitHub. This is a Maven based project, so it can simply be imported and run as it is.

The post How Memory Leaks Happen in a Java Application appeared first on Stackify.

Read the original blog entry...

More Stories By Stackify Blog

Stackify offers the only developers-friendly solution that fully integrates error and log management with application performance monitoring and management. Allowing you to easily isolate issues, identify what needs to be fixed quicker and focus your efforts – Support less, Code more. Stackify provides software developers, operations and support managers with an innovative cloud based solution that gives them DevOps insight and allows them to monitor, detect and resolve application issues before they affect the business to ensure a better end user experience. Start your free trial now stackify.com

@MicroservicesExpo Stories
How is DevOps going within your organization? If you need some help measuring just how well it is going, we have prepared a list of some key DevOps metrics to track. These metrics can help you understand how your team is doing over time. The word DevOps means different things to different people. Some say it a culture and every vendor in the industry claims that their tools help with DevOps. Depending on how you define DevOps, some of these metrics may matter more or less to you and your team.
For many of us laboring in the fields of digital transformation, 2017 was a year of high-intensity work and high-reward achievement. So we’re looking forward to a little breather over the end-of-year holiday season. But we’re going to have to get right back on the Continuous Delivery bullet train in 2018. Markets move too fast and customer expectations elevate too precipitously for businesses to rest on their laurels. Here’s a DevOps “to-do list” for 2018 that should be priorities for anyone w...
If testing environments are constantly unavailable and affected by outages, release timelines will be affected. You can use three metrics to measure stability events for specific environments and plan around events that will affect your critical path to release.
In a recent post, titled “10 Surprising Facts About Cloud Computing and What It Really Is”, Zac Johnson highlighted some interesting facts about cloud computing in the SMB marketplace: Cloud Computing is up to 40 times more cost-effective for an SMB, compared to running its own IT system. 94% of SMBs have experienced security benefits in the cloud that they didn’t have with their on-premises service
DevOps failure is a touchy subject with some, because DevOps is typically perceived as a way to avoid failure. As a result, when you fail in a DevOps practice, the situation can seem almost hopeless. However, just as a fail-fast business approach, or the “fail and adjust sooner” methodology of Agile often proves, DevOps failures are actually a step in the right direction. They’re the first step toward learning from failures and turning your DevOps practice into one that will lead you toward even...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily own their code into production, but want to use platforms instead of raw automation. That’s changing the landscape that we understand as DevOps with both architecture concepts (CloudNative) and process redefinition (SRE). Rob Hirschfeld’s recent work in Kubernetes operations has led to the conclusion that containers and related platforms have changed the way we should be thinking about DevOps and...
While walking around the office I happened upon a relatively new employee dragging emails from his inbox into folders. I asked why and was told, “I’m just answering emails and getting stuff off my desk.” An empty inbox may be emotionally satisfying to look at, but in practice, you should never do it. Here’s why. I recently wrote a piece arguing that from a mathematical perspective, Messy Desks Are Perfectly Optimized. While it validated the genius of my friends with messy desks, it also gener...
The goal of Microservices is to improve software delivery speed and increase system safety as scale increases. Microservices being modular these are faster to change and enables an evolutionary architecture where systems can change, as the business needs change. Microservices can scale elastically and by being service oriented can enable APIs natively. Microservices also reduce implementation and release cycle time and enables continuous delivery. This paper provides a logical overview of the Mi...
The next XaaS is CICDaaS. Why? Because CICD saves developers a huge amount of time. CD is an especially great option for projects that require multiple and frequent contributions to be integrated. But… securing CICD best practices is an emerging, essential, yet little understood practice for DevOps teams and their Cloud Service Providers. The only way to get CICD to work in a highly secure environment takes collaboration, patience and persistence. Building CICD in the cloud requires rigorous ar...
The enterprise data storage marketplace is poised to become a battlefield. No longer the quiet backwater of cloud computing services, the focus of this global transition is now going from compute to storage. An overview of recent storage market history is needed to understand why this transition is important. Before 2007 and the birth of the cloud computing market we are witnessing today, the on-premise model hosted in large local data centers dominated enterprise storage. Key marketplace play...
The cloud revolution in enterprises has very clearly crossed the phase of proof-of-concepts into a truly mainstream adoption. One of most popular enterprise-wide initiatives currently going on are “cloud migration” programs of some kind or another. Finding business value for these programs is not hard to fathom – they include hyperelasticity in infrastructure consumption, subscription based models, and agility derived from rapid speed of deployment of applications. These factors will continue to...
Some people are directors, managers, and administrators. Others are disrupters. Eddie Webb (@edwardawebb) is an IT Disrupter for Software Development Platforms at Liberty Mutual and was a presenter at the 2016 All Day DevOps conference. His talk, Organically DevOps: Building Quality and Security into the Software Supply Chain at Liberty Mutual, looked at Liberty Mutual's transformation to Continuous Integration, Continuous Delivery, and DevOps. For a large, heavily regulated industry, this task ...
Following a tradition dating back to 2002 at ZapThink and continuing at Intellyx since 2014, it’s time for Intellyx’s annual predictions for the coming year. If you’re a long-time fan, you know we have a twist to the typical annual prediction post: we actually critique our predictions from the previous year. To make things even more interesting, Charlie and I switch off, judging the other’s predictions. And now that he’s been with Intellyx for more than a year, this Cortex represents my first ...
"Grape Up leverages Cloud Native technologies and helps companies build software using microservices, and work the DevOps agile way. We've been doing digital innovation for the last 12 years," explained Daniel Heckman, of Grape Up in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
The Toyota Production System, a world-renowned production system is based on the "complete elimination of all waste". The "Toyota Way", grounded on continuous improvement dates to the 1860s. The methodology is widely proven to be successful yet there are still industries within and tangential to manufacturing struggling to adopt its core principles: Jidoka: a process should stop when an issue is identified prevents releasing defective products
We seem to run this cycle with every new technology that comes along. A good idea with practical applications is born, then both marketers and over-excited users start to declare it is the solution for all or our problems. Compliments of Gartner, we know it generally as “The Hype Cycle”, but each iteration is a little different. 2018’s flavor will be serverless computing, and by 2018, I mean starting now, but going most of next year, you’ll be sick of it. We are already seeing people write such...
Defining the term ‘monitoring’ is a difficult task considering the performance space has evolved significantly over the years. Lately, there has been a shift in the monitoring world, sparking a healthy debate regarding the definition and purpose of monitoring, through which a new term has emerged: observability. Some of that debate can be found in blogs by Charity Majors and Cindy Sridharan.
It’s “time to move on from DevOps and continuous delivery.” This was the provocative title of a recent article in ZDNet, in which Kelsey Hightower, staff developer advocate at Google Cloud Platform, suggested that “software shops should have put these concepts into action years ago.” Reading articles like this or listening to talks at most DevOps conferences might make you think that we’re entering a post-DevOps world. But vast numbers of organizations still struggle to start and drive transfo...
Let's do a visualization exercise. Imagine it's December 31, 2018, and you're ringing in the New Year with your friends and family. You think back on everything that you accomplished in the last year: your company's revenue is through the roof thanks to the success of your product, and you were promoted to Lead Developer. 2019 is poised to be an even bigger year for your company because you have the tools and insight to scale as quickly as demand requires. You're a happy human, and it's not just...
"Opsani helps the enterprise adopt containers, help them move their infrastructure into this modern world of DevOps, accelerate the delivery of new features into production, and really get them going on the container path," explained Ross Schibler, CEO of Opsani, and Peter Nickolov, CTO of Opsani, in this SYS-CON.tv interview at DevOps Summit at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.