background
Although hot updating code in a production environment is not very good behavior, it is likely to result in: hot more non-standard, two lines of tears from colleagues.
But there are a lot of times we do want to hot-update code, such as:
We checked the problem online and found the fix idea, but after the application was restarted, the environment was changed and it was difficult to reappear. How do I validate the fix?
Such as:
During local development, I found a bug in an open source component and wanted to change the validation. If you compile open source components and then release them, the process is very long and may not be successful. Is there a way to test it quickly?
Arthas is Alibaba’s open source Java application diagnostics tool that developers love.
Arthas 3.1.0 jad/ MC/Re-define dragon was used to update the code.
- Arthas: github.com/alibaba/art…
- Jad command: alibaba. Making. IO/arthas/jad….
- MC command: alibaba. Making. IO/arthas/MC. H…
- Redefine the command: alibaba. Making. IO/arthas/rede…
Arthas online tutorial
The Arthas online tutorial demonstrates the process of hot updating code.
- Arthas Advanced Tutorial
In this example, visiting curl http://localhost/user/0 returns 500 errors:
{
"timestamp": 1550223186170."status": 500."error": "Internal Server Error"."exception": "java.lang.IllegalArgumentException"."message": "id < 1"."path": "/user/0"
}
Copy the codeLet’s change this logic by hot updating the code.
Jad decompiles the code
Decompile UserController and save to/TMP/userController.java.
jad --source-only com.example.demo.arthas.user.UserController > /tmp/UserController.java
Copy the codeModify the uncompiled code
/ TMP/userController.java: / TMP/userController.java: / TMP/userController.java: / TMP/userController.java:
@GetMapping(value={"/user/{id}"})
public User findUserById(@PathVariable Integer id) {
logger.info("id: {}", (Object)id);
if(id ! =null && id < 1) {
return new User(id, "name" + id);
// throw new IllegalArgumentException("id < 1");
}
return new User(id.intValue(), "name" + id);
}
Copy the codeSc finds the ClassLoader to load the UserController
$ sc -d *UserController | grep classLoaderHash
classLoaderHash 1be6f5c3
Copy the codeIt can be found that spring Boot’s LaunchedURLClassLoader@1be6f5c3 loaded.
MC memory programming code
After saving/TMP/userController.java, use MC (Memory Compiler) and specify ClassLoader with -c:
$ mc -c 1be6f5c3 /tmp/UserController.java -d /tmp
Memory compiler output:
/tmp/com/example/demo/arthas/user/UserController.class
Affect(row-cnt:1) cost in 346 ms
Copy the codeRe-define hot update code
Re-define userController.class to reload the newly compiled userController.class:
$ redefine /tmp/com/example/demo/arthas/user/UserController.class
redefine success, size: 1
Copy the codeVerify the thermal update results
Visit curl http://localhost/user/0 again and it will return normally:
{
"id": 0."name": "name0"
}
Copy the codeconclusion
Arthas jad/ MC/Re-define a dragon hot update code online, very powerful, but also dangerous, need to manage permissions.
For example, the online application startup account is admin, when the user can switch to admin, then
- The user can modify and retrieve any memory value for the application (Java or not)
- The user can attach the JVM
- After attaching the JVM, re-define the class using the JVM’s own API
So:
- Application security depends on the management of user permissions
- Arthas basically made JVM Re-define easier. Users can use other tools to achieve the same effect
Finally, Arthas reminds you: There are thousands of diagnoses, but the first rule is that heat is even more non-standard, and two lines of tears.
Arthas Practical series
- Alibaba Arthas practice – get the Spring Context and do whatever you want
- Arthas Practice – Quick troubleshooting of 404/401 problems with Spring Boot applications
- When Dubbo meets Arthas: The Practice of troubleshooting problems
- Arthas Practice — Use Re-define app for strange log sources
- Arthas was used to sift through the online application logs for problems
- Deep into Spring Boot: Arthas check NoSuchMethodError
The public,
Welcome to hengyun Dubbo’s column focusing on Java, Spring Boot, Arthas, Dubbo.
