Re: Proposal: Post debug Java code to target JVM and exec it

Mon, 17 Jul 2023 09:11:37 -0700

this is effectively what dynamic agent loading enables, which https://openjdk.org/jeps/451 proposes to disable. 

Rgds

- Larry Cable

On 7/16/23 10:09 PM, David Holmes wrote:

On 17/07/2023 12:21 pm, Yi Yang wrote:
Actually, this is not a very new and strange idea. I often encounter similar needs in actual debugging and troubleshooting. In addition, this feature has also been implemented in some external tools (https://arthas.aliyun.com/en/doc/ognl.html <https://arthas.aliyun.com/en/doc/ognl.html>). It would be very convenient for problem diagnosis if JDK natively had this capability 

Okay please take this discussion to serviceability-dev - cc'd.

Thanks,
David


------------------------------------------------------------------
    From:David Holmes <david.hol...@oracle.com>
    Send Time:2023 Jul. 13 (Thu.) 20:34
    To:"YANG, Yi" <qingfeng...@alibaba-inc.com>; jdk-dev
    <jdk-...@openjdk.org>
    Subject:Re: Proposal: Post debug Java code to target JVM and exec it

    On 13/07/2023 8:57 pm, Yi Yang wrote:
     > Proposal: Post debug Java code to target JVM and exec it
     >
     > Hello, I have an early idea to post a piece of Java code to a
    local JVM
     > process via jcmd or jexec, like this:
     >
     > jcmd VM.exec Debug.java
     > jexec Debug.java
     >
     > class Debug {
     > public static void main(){
     > ApplicationProperties c = loadClass("ApplicationProperties");
     > // print static field of running Java program
     > System.out.println(ApplicationProperties.field1);
     > // call static method of running Java program
     > ApplicationProperties.printAll();
     > // ....
     > }
     > }
     >
     > With this approach, we can do some useful things, such as:
     > - Get some runtime data of the program
     > - Troubleshoot Java problems
     > - In rare cases, it can also assist in JVM problem diagnosis
     >
     > To protect the attach listener, we may need to create a new
    ExecThread
     > at JVM startup and execute Debug::main in this thread. Do you
    have any
     > comments on this idea?

    So basically you want the ability to ask a running JVM to execute an
    arbitrary piece of java code. That may have some uses but in general
    seems incredibly dangerous - how would you safeguard such a facility? 

    Cheers,
    David

     > Thank you.

Reply via email to