曹工杂谈:Java 类加载还会死锁?这是什么情况?

一、前言

今天事不是很多,正好在Java交流群里,看到一个比较有意思的问题,于是花了点时间研究了一下,这里做个简单的分享。

先贴一份测试代码,大家可以先猜测一下,执行结果会是怎样的:

 2 
 3 import java.util.concurrent.TimeUnit;
 4 
 5 
 6 public class TestClassLoading {
 7     public static class A{
 8         static {
 9             System.out.println("class A init");
10             try {
11                 TimeUnit.SECONDS.sleep(1);
12             } catch (InterruptedException e) {
13                 e.printStackTrace();
14             }
15             new B();
16         }
17 
18         public static void test() {
19             System.out.println("aaa");
20         }
21     }
22 
23     public static class B{
24         static {
25             System.out.println("class B init");
26             new A();
27         }
28 
29 
30         public static void test() {
31             System.out.println("bbb");
32         }
33     }
34     public static void main(String[] args) {
35         new Thread(() -> A.test()).start();
36         new Thread(() -> B.test()).start();
37     }
38 }

 

不知道,你猜对了没有呢,实际的执行结果会是下面这样的:

 

二、原因分析

这里,一开始大家分析的是,和new有关系;但下面的代码和上面的结果完全一致,基本可以排除 new 的嫌疑:

 1 public class TestClassLoadingNew {
 2     public static class A{
 3         static {
 4             System.out.println("class A init");
 5             try {
 6                 TimeUnit.SECONDS.sleep(1);
 7             } catch (InterruptedException e) {
 8                 e.printStackTrace();
 9             }
10             B.test();
11         }
12 
13         public static void test() {
14             System.out.println("aaa");
15         }
16     }
17 
18     public static class B{
19         static {
20             System.out.println("class B init");
21             A.test();
22         }
23 
24 
25         public static void test() {
26             System.out.println("bbb");
27         }
28     }
29     public static void main(String[] args) {
30         new Thread(() -> A.test()).start();
31         new Thread(() -> B.test()).start();
32     }
33 }

 

这里,问题的根本原因,其实是:

classloader在初始化一个类的时候,会对当前类加锁,加锁后,再执行类的静态初始化块。

所以,上面会发生:

1、线程1:类A对class A加锁,加锁后,执行类的静态初始化块(在堆栈里体现为<clinit>函数),发现用到了class B,于是去加载B;

2、线程2:类B对class B加锁,加锁后,执行类的静态初始化块(在堆栈里体现为<clinit>函数),发现用到了class A,于是去加载A;

3、死锁发生。

 

有经验的同学,对于死锁是毫无畏惧的,因为我们有神器,jstack。 jstack 加上 -l 参数,即可打印出各个线程持有的锁的信息。(windows上直接jconsole就行,还能死锁检测):

 

"Thread-1" #15 prio=5 os_prio=0 tid=0x000000002178a000 nid=0x2df8 in Object.wait() [0x0000000021f4e000]
   java.lang.Thread.State: RUNNABLE
        at com.dmtest.netty_learn.TestClassLoading$B.<clinit>(TestClassLoading.java:32)
        at com.dmtest.netty_learn.TestClassLoading.lambda$main$1(TestClassLoading.java:42)
        at com.dmtest.netty_learn.TestClassLoading$$Lambda$2/736709391.run(Unknown Source)
        at java.lang.Thread.run(Thread.java:748)

   Locked ownable synchronizers:
        - None

"Thread-0" #14 prio=5 os_prio=0 tid=0x0000000021787800 nid=0x2618 in Object.wait() [0x00000000213be000]
   java.lang.Thread.State: RUNNABLE
        at com.dmtest.netty_learn.TestClassLoading$A.<clinit>(TestClassLoading.java:21)
        at com.dmtest.netty_learn.TestClassLoading.lambda$main$0(TestClassLoading.java:41)
        at com.dmtest.netty_learn.TestClassLoading$$Lambda$1/611437735.run(Unknown Source)
        at java.lang.Thread.run(Thread.java:748)

   Locked ownable synchronizers:
        - None

 

这里,很奇怪的一个原因是,明明这两个线程发生了死锁,为什么没有显示呢?

因为,这是 jvm 内部加了锁,所以,jconsole、jstack都失效了。

 

三、一起深入JVM,探个究竟

1、单步跟踪

class 的加载都是由 classloader 来完成的,而且部分工作是在 jvm 层面完成,我们可以看到,在 java.lang.ClassLoader#defineClass1 的定义中:

 

以上几个方法都是本地方法。

其实际的实现在:/home/ckl/openjdk-jdk8u/jdk/src/share/native/java/lang/ClassLoader.c,

 

 1 JNIEXPORT jclass JNICALL
 2 Java_java_lang_ClassLoader_defineClass1(JNIEnv *env,
 3                                         jobject loader,
 4                                         jstring name,
 5                                         jbyteArray data,
 6                                         jint offset,
 7                                         jint length,
 8                                         jobject pd,
 9                                         jstring source)
10 {
11     jbyte *body;
12     char *utfName;
13     jclass result = 0;
14     char buf[128];
15     char* utfSource;
16     char sourceBuf[1024];
17 
18     if (data == NULL) {
19         JNU_ThrowNullPointerException(env, 0);
20         return 0;
21     }
22 
23     /* Work around 4153825. malloc crashes on Solaris when passed a
24      * negative size.
25      */
26     if (length < 0) {
27         JNU_ThrowArrayIndexOutOfBoundsException(env, 0);
28         return 0;
29     }
30 
31     body = (jbyte *)malloc(length);
32 
33     if (body == 0) {
34         JNU_ThrowOutOfMemoryError(env, 0);
35         return 0;
36     }
37 
38     (*env)->GetByteArrayRegion(env, data, offset, length, body);
39 
40     if ((*env)->ExceptionOccurred(env))
41         goto free_body;
42 
43     if (name != NULL) {
44         utfName = getUTF(env, name, buf, sizeof(buf));
45         if (utfName == NULL) {
46             goto free_body;
47         }
48         VerifyFixClassname(utfName);
49     } else {
50         utfName = NULL;
51     }
52 
53     if (source != NULL) {
54         utfSource = getUTF(env, source, sourceBuf, sizeof(sourceBuf));
55         if (utfSource == NULL) {
56             goto free_utfName;
57         }
58     } else {
59         utfSource = NULL;
60     }
61     result = JVM_DefineClassWithSource(env, utfName, loader, body, length, pd, utfSource);
62 
63     if (utfSource && utfSource != sourceBuf)
64         free(utfSource);
65 
66  free_utfName:
67     if (utfName && utfName != buf)
68         free(utfName);
69 
70  free_body:
71     free(body);
72     return result;
73 }

 

大家可以跟着标红的代码,我们一起大概看一下,这个方法的实现在/home/ckl/openjdk-jdk8u/hotspot/src/share/vm/prims/jvm.cpp 中,

1 JVM_ENTRY(jclass, JVM_DefineClassWithSource(JNIEnv *env, const char *name, jobject loader, const jbyte *buf, jsize len, jobject pd, const char *source))
2   JVMWrapper2("JVM_DefineClassWithSource %s", name);
3 
4   return jvm_define_class_common(env, name, loader, buf, len, pd, source, true, THREAD);
5 JVM_END

 

jvm_define_class_common 的实现,还是在  jvm.cpp 中,

 1 // common code for JVM_DefineClass() and JVM_DefineClassWithSource()
 2 // and JVM_DefineClassWithSourceCond()
 3 static jclass jvm_define_class_common(JNIEnv *env, const char *name,
 4                                       jobject loader, const jbyte *buf,
 5                                       jsize len, jobject pd, const char *source,
 6                                       jboolean verify, TRAPS) {
 7   if (source == NULL)  source = "__JVM_DefineClass__";
 8 
 9   assert(THREAD->is_Java_thread(), "must be a JavaThread");
10   JavaThread* jt = (JavaThread*) THREAD;
11 
12   PerfClassTraceTime vmtimer(ClassLoader::perf_define_appclass_time(),
13                              ClassLoader::perf_define_appclass_selftime(),
14                              ClassLoader::perf_define_appclasses(),
15                              jt->get_thread_stat()->perf_recursion_counts_addr(),
16                              jt->get_thread_stat()->perf_timers_addr(),
17                              PerfClassTraceTime::DEFINE_CLASS);
18 
19   if (UsePerfData) {
20     ClassLoader::perf_app_classfile_bytes_read()->inc(len);
21   }
22 
23   // Since exceptions can be thrown, class initialization can take place
24   // if name is NULL no check for class name in .class stream has to be made.
25   TempNewSymbol class_name = NULL;
26   if (name != NULL) {
27     const int str_len = (int)strlen(name);
28     if (str_len > Symbol::max_length()) {
29       // It's impossible to create this class;  the name cannot fit
30       // into the constant pool.
31       THROW_MSG_0(vmSymbols::java_lang_NoClassDefFoundError(), name);
32     }
33     class_name = SymbolTable::new_symbol(name, str_len, CHECK_NULL);
34   }
35 
36   ResourceMark rm(THREAD);
37   ClassFileStream st((u1*) buf, len, (char *)source);
38   Handle class_loader (THREAD, JNIHandles::resolve(loader));
39   if (UsePerfData) {
40     is_lock_held_by_thread(class_loader,
41                            ClassLoader::sync_JVMDefineClassLockFreeCounter(),
42                            THREAD);
43   }
44   Handle protection_domain (THREAD, JNIHandles::resolve(pd));
45   Klass* k = SystemDictionary::resolve_from_stream(class_name, class_loader,
46                                                      protection_domain, &st,
47                                                      verify != 0,
48                                                      CHECK_NULL);
49 
50   if (TraceClassResolution && k != NULL) {
51     trace_class_resolution(k);
52   }
53 
54   return (jclass) JNIHandles::make_local(env, k->java_mirror());
55 }

 

resolve_from_stream 的实现在 SystemDictionary 类中,下面我们看下:

 1 Klass* SystemDictionary::resolve_from_stream(Symbol* class_name,
 2                                              Handle class_loader,
 3                                              Handle protection_domain,
 4                                              ClassFileStream* st,
 5                                              bool verify,
 6                                              TRAPS) {
 7 
 8   // Classloaders that support parallelism, e.g. bootstrap classloader,
 9   // or all classloaders with UnsyncloadClass do not acquire lock here
10   bool DoObjectLock = true;
11   if (is_parallelCapable(class_loader)) {
12     DoObjectLock = false;
13   }
14 
15   ClassLoaderData* loader_data = register_loader(class_loader, CHECK_NULL);
16 
17   // Make sure we are synchronized on the class loader before we proceed
18 Handle lockObject = compute_loader_lock_object(class_loader, THREAD); 19 check_loader_lock_contention(lockObject, THREAD); 20 ObjectLocker ol(lockObject, THREAD, DoObjectLock); 21 22 TempNewSymbol parsed_name = NULL; 23 24 // Parse the stream. Note that we do this even though this klass might 25 // already be present in the SystemDictionary, otherwise we would not 26 // throw potential ClassFormatErrors. 27 // 28 // Note: "name" is updated. 29 30 instanceKlassHandle k = ClassFileParser(st).parseClassFile(class_name, 31 loader_data, 32 protection_domain, 33 parsed_name, 34 verify, 35 THREAD); 36 37 const char* pkg = "java/"; 38 size_t pkglen = strlen(pkg); 39 if (!HAS_PENDING_EXCEPTION && 40 !class_loader.is_null() && 41 parsed_name != NULL && 42 parsed_name->utf8_length() >= (int)pkglen && 43 !strncmp((const char*)parsed_name->bytes(), pkg, pkglen)) { 44 // It is illegal to define classes in the "java." package from 45 // JVM_DefineClass or jni_DefineClass unless you're the bootclassloader 46 ResourceMark rm(THREAD); 47 char* name = parsed_name->as_C_string(); 48 char* index = strrchr(name, '/'); 49 assert(index != NULL, "must be"); 50 *index = '\0'; // chop to just the package name 51 while ((index = strchr(name, '/')) != NULL) { 52 *index = '.'; // replace '/' with '.' in package name 53 } 54 const char* fmt = "Prohibited package name: %s"; 55 size_t len = strlen(fmt) + strlen(name); 56 char* message = NEW_RESOURCE_ARRAY(char, len); 57 jio_snprintf(message, len, fmt, name); 58 Exceptions::_throw_msg(THREAD_AND_LOCATION, 59 vmSymbols::java_lang_SecurityException(), message); 60 } 61 62 if (!HAS_PENDING_EXCEPTION) { 63 assert(parsed_name != NULL, "Sanity"); 64 assert(class_name == NULL || class_name == parsed_name, "name mismatch"); 65 // Verification prevents us from creating names with dots in them, this 66 // asserts that that's the case. 67 assert(is_internal_format(parsed_name), 68 "external class name format used internally"); 69 70 // Add class just loaded 71 // If a class loader supports parallel classloading handle parallel define requests 72 // find_or_define_instance_class may return a different InstanceKlass 73 if (is_parallelCapable(class_loader)) { 74 k = find_or_define_instance_class(class_name, class_loader, k, THREAD); 75 } else { 76 define_instance_class(k, THREAD); 77 } 78 } 79 96 97 return k(); 98 }

 

上面的方法里,有几处值得注意的:

1:18-20行,进行了加锁,18行获取锁对象,这里是当前类加载器(从注释可以看出),20行就是加锁的语法

2:37-60行,这里是判断要加载的类的包名是否以 java 开头,以 java 开头的类是非法的,不能加载

3:第76行, define_instance_class(k, THREAD); 进行后续操作

 

接下来,我们看看 define_instance_class 的实现:

 1 void SystemDictionary::define_instance_class(instanceKlassHandle k, TRAPS) {
 2 
 3   ClassLoaderData* loader_data = k->class_loader_data();
 4   Handle class_loader_h(THREAD, loader_data->class_loader());
 5 
 6   for (uintx it = 0; it < GCExpandToAllocateDelayMillis; it++){}
 7 
 8  // for bootstrap and other parallel classloaders don't acquire lock,
 9  // use placeholder token
10  // If a parallelCapable class loader calls define_instance_class instead of
11  // find_or_define_instance_class to get here, we have a timing
12  // hole with systemDictionary updates and check_constraints
13  if (!class_loader_h.is_null() && !is_parallelCapable(class_loader_h)) {
14     assert(ObjectSynchronizer::current_thread_holds_lock((JavaThread*)THREAD,
15          compute_loader_lock_object(class_loader_h, THREAD)),
16          "define called without lock");
17   }
18 
19   // Check class-loading constraints. Throw exception if violation is detected.
20   // Grabs and releases SystemDictionary_lock
21   // The check_constraints/find_class call and update_dictionary sequence
22   // must be "atomic" for a specific class/classloader pair so we never
23   // define two different instanceKlasses for that class/classloader pair.
24   // Existing classloaders will call define_instance_class with the
25   // classloader lock held
26   // Parallel classloaders will call find_or_define_instance_class
27   // which will require a token to perform the define class
28   Symbol*  name_h = k->name();
29   unsigned int d_hash = dictionary()->compute_hash(name_h, loader_data);
30   int d_index = dictionary()->hash_to_index(d_hash);
31   check_constraints(d_index, d_hash, k, class_loader_h, true, CHECK);
32 
33   // Register class just loaded with class loader (placed in Vector)
34   // Note we do this before updating the dictionary, as this can
35   // fail with an OutOfMemoryError (if it does, we will *not* put this
36   // class in the dictionary and will not update the class hierarchy).
37   // JVMTI FollowReferences needs to find the classes this way.
38   if (k->class_loader() != NULL) {
39     methodHandle m(THREAD, Universe::loader_addClass_method());
40     JavaValue result(T_VOID);
41     JavaCallArguments args(class_loader_h);
42     args.push_oop(Handle(THREAD, k->java_mirror()));
43     JavaCalls::call(&result, m, &args, CHECK);
44   }
45 
46   // Add the new class. We need recompile lock during update of CHA.
47   {
48     unsigned int p_hash = placeholders()->compute_hash(name_h, loader_data);
49     int p_index = placeholders()->hash_to_index(p_hash);
50 
51     MutexLocker mu_r(Compile_lock, THREAD);
52 
53     // Add to class hierarchy, initialize vtables, and do possible
54     // deoptimizations.
55     add_to_hierarchy(k, CHECK); // No exception, but can block
56 
57     // Add to systemDictionary - so other classes can see it.
58     // Grabs and releases SystemDictionary_lock
59     update_dictionary(d_index, d_hash, p_index, p_hash,
60                       k, class_loader_h, THREAD);
61   }
62   k->eager_initialize(THREAD);
63 
64   // notify jvmti
65   if (JvmtiExport::should_post_class_load()) {
66       assert(THREAD->is_Java_thread(), "thread->is_Java_thread()");
67       JvmtiExport::post_class_load((JavaThread *) THREAD, k());
68 
69   }
70 
71 }

 

 这里,由于我们的案例中,是class A 在初始化过程中出现死锁,所以我们关注第62行,eager_initialize:

 

 1 void InstanceKlass::eager_initialize(Thread *thread) {
 2   if (!EagerInitialization) return;
 3 
 4   if (this->is_not_initialized()) {
 5     // abort if the the class has a class initializer
 6     if (this->class_initializer() != NULL) return;
 7 
 8     // abort if it is java.lang.Object (initialization is handled in genesis)
 9     Klass* super = this->super();
10     if (super == NULL) return;
11 
12     // abort if the super class should be initialized
13     if (!InstanceKlass::cast(super)->is_initialized()) return;
14 
15     // call body to expose the this pointer
16     instanceKlassHandle this_oop(thread, this);
17     eager_initialize_impl(this_oop);
18   }
19 }

 

我们接着进入 eager_initialize_impl,该方法进入到了 InstanceKlass:

 1 void InstanceKlass::eager_initialize_impl(instanceKlassHandle this_oop) {
 2   EXCEPTION_MARK;
 3   oop init_lock = this_oop->init_lock();
 4   ObjectLocker ol(init_lock, THREAD, init_lock != NULL);
 5 
 6   // abort if someone beat us to the initialization
 7   if (!this_oop->is_not_initialized()) return;  // note: not equivalent to is_initialized()
 8 
 9   ClassState old_state = this_oop->init_state();
10   link_class_impl(this_oop, true, THREAD);
11   if (HAS_PENDING_EXCEPTION) {
12     CLEAR_PENDING_EXCEPTION;
13     // Abort if linking the class throws an exception.
14 
15     // Use a test to avoid redundantly resetting the state if there's
16     // no change.  Set_init_state() asserts that state changes make
17     // progress, whereas here we might just be spinning in place.
18     if( old_state != this_oop->_init_state )
19       this_oop->set_init_state (old_state);
20   } else {
21     // linking successfull, mark class as initialized
22     this_oop->set_init_state (fully_initialized);
23     this_oop->fence_and_clear_init_lock();
24     // trace
25     if (TraceClassInitialization) {
26       ResourceMark rm(THREAD);
27       tty->print_cr("[Initialized %s without side effects]", this_oop->external_name());
28     }
29   }
30 }

 

这里,我们重点关注第3,4行:

1、第3行,获取初始化锁;

2、第4行,加锁

 

2、获取初始化锁并加锁

这里,我们首先获取锁的操作,

1 oop InstanceKlass::init_lock() const {
2   // return the init lock from the mirror
3   oop lock = java_lang_Class::init_lock(java_mirror());
4   // Prevent reordering with any access of initialization state
5   OrderAccess::loadload();
6   assert((oop)lock != NULL || !is_not_initialized(), // initialized or in_error state
7          "only fully initialized state can have a null lock");
8   return lock;
9 }

 

其中,java_mirror() 方法就是返回 Klass 类中的以下字段:

1   // java/lang/Class instance mirroring this class
2   oop       _java_mirror;

 

再看 init_lock 方法:

1 oop java_lang_Class::init_lock(oop java_class) {
2   assert(_init_lock_offset != 0, "must be set");
3   return java_class->obj_field(_init_lock_offset);
4 }

 

这里呢,应该就是获取 我们传入的 java_class 中的某个字段,该字段就是充当 init_lock。(个人水平有限,还请指正)

 

下面为加锁操作的语句:

1   ObjectLocker ol(init_lock, THREAD, init_lock != NULL);

 

 1 / ObjectLocker enforced balanced locking and can never thrown an
 2 // IllegalMonitorStateException. However, a pending exception may
 3 // have to pass through, and we must also be able to deal with
 4 // asynchronous exceptions. The caller is responsible for checking
 5 // the threads pending exception if needed.
 6 // doLock was added to support classloading with UnsyncloadClass which
 7 // requires flag based choice of locking the classloader lock.
 8 class ObjectLocker : public StackObj {
 9  private:
10   Thread*   _thread;
11   Handle    _obj;
12   BasicLock _lock;
13   bool      _dolock;   // default true
14  public:
15   ObjectLocker(Handle obj, Thread* thread, bool doLock = true);

 

 1 // -----------------------------------------------------------------------------
 2 // Internal VM locks on java objects
 3 // standard constructor, allows locking failures
 4 ObjectLocker::ObjectLocker(Handle obj, Thread* thread, bool doLock) {
 5   _dolock = doLock;
 6   _thread = thread;
 8   _obj = obj;
 9 
10   if (_dolock) {
11     TEVENT (ObjectLocker) ;
12 
13     ObjectSynchronizer::fast_enter(_obj, &_lock, false, _thread);
14   }
15 }

 

接下来会进入到 synchronizer.cpp,

 1 // -----------------------------------------------------------------------------
 2 //  Fast Monitor Enter/Exit
 3 // This the fast monitor enter. The interpreter and compiler use
 4 // some assembly copies of this code. Make sure update those code
 5 // if the following function is changed. The implementation is
 6 // extremely sensitive to race condition. Be careful.
 7 
 8 void ObjectSynchronizer::fast_enter(Handle obj, BasicLock* lock, bool attempt_rebias, TRAPS) {
 9  if (UseBiasedLocking) {
10     if (!SafepointSynchronize::is_at_safepoint()) {
11       BiasedLocking::Condition cond = BiasedLocking::revoke_and_rebias(obj, attempt_rebias, THREAD);
12       if (cond == BiasedLocking::BIAS_REVOKED_AND_REBIASED) {
13         return;
14       }
15     } else {
16       assert(!attempt_rebias, "can not rebias toward VM thread");
17       BiasedLocking::revoke_at_safepoint(obj);
18     }
19     assert(!obj->mark()->has_bias_pattern(), "biases should be revoked by now");
20  }
21 
22  slow_enter (obj, lock, THREAD) ;
23 }

 

上面会判断,是否使用偏向锁,如果不使用,则走 slow_enter 。

 1 // -----------------------------------------------------------------------------
 2 // Interpreter/Compiler Slow Case
 3 // This routine is used to handle interpreter/compiler slow case
 4 // We don't need to use fast path here, because it must have been
 5 // failed in the interpreter/compiler code.
 6 void ObjectSynchronizer::slow_enter(Handle obj, BasicLock* lock, TRAPS) {
 7   markOop mark = obj->mark();
 8   assert(!mark->has_bias_pattern(), "should not see bias pattern here");
 9 
10   if (mark->is_neutral()) {
11     // Anticipate successful CAS -- the ST of the displaced mark must
12     // be visible <= the ST performed by the CAS.
13     lock->set_displaced_header(mark);
14     if (mark == (markOop) Atomic::cmpxchg_ptr(lock, obj()->mark_addr(), mark)) {
15       TEVENT (slow_enter: release stacklock) ;
16       return ;
17     }
18     // Fall through to inflate() ...
19   } else
20   if (mark->has_locker() && THREAD->is_lock_owned((address)mark->locker())) {
21     assert(lock != mark->locker(), "must not re-lock the same lock");
22     assert(lock != (BasicLock*)obj->mark(), "don't relock with same BasicLock");
23     lock->set_displaced_header(NULL);
24     return;
25   }
26 
34 
35   // The object header will never be displaced to this lock,
36   // so it does not matter what the value is, except that it
37   // must be non-zero to avoid looking like a re-entrant lock,
38   // and must not look locked either.
39   lock->set_displaced_header(markOopDesc::unused_mark());
40   ObjectSynchronizer::inflate(THREAD, obj())->enter(THREAD);
41 }

 

这里的代码结合注释,能大概看出来是,前面部分为轻量级锁,这里先不展开了,锁这块都可以单独写了。有兴趣的读者可以自行阅读。

 

 

四、总结

这里再说下结论吧,类初始化的过程,会对class加锁,再执行class的初始化,如果这时候发生了循环依赖,就会导致死锁。

 

如果有读者对上面的c++代码感兴趣,可以参考下面的文章,搭建调试环境:

源码编译OpenJdk 8,Netbeans调试Java原子类在JVM中的实现(Ubuntu 16.04)

  

 

posted @ 2019-08-19 18:17  三国梦回  阅读(2810)  评论(3编辑  收藏  举报