cool

cool / tips5 Comments
27
May 11

VisualVM and jps Not Finding my Java Process

Today I was hit by a weird problem and I thought I’ll share the problem and the solution (thanks for the solution goes to my colleague Lauri). Googling did not help me much (probably bad keywords or not much information about it) and hopefully this post will serve as future destination for a solution for this problem.

Problem

You are running Mac OS X (maybe the problem is relevant on other platforms too) and even if you’ve started Tomcat and you can see the Java process in the Activity Monitor or with ps you can’t see the process with jps. You are not able to connect to the process with VisualVM nor JConsole. Bummer.
Continue reading →

cool4 Comments
12
Jan 11

What are the default -Xmx and -Xms values?

Happened to read Inspecting HotSpot JVM Options and found a solution to one of the questions that I have every now and then. What are the default -Xmx and -Xms values for this JVM on this machine? The solution? Invoking java with some flags, check out the terminal session.

toomasr@cigarillo-2:~$ java -server -XX:+UnlockDiagnosticVMOptions -XX:+PrintFlagsFinal -version | grep -i heapsize
uintx ErgoHeapSizeLimit                    = 0                {product}
uintx InitialHeapSize                     := 65011712         {product}
uintx LargePageHeapSizeThreshold           = 134217728        {product}
uintx MaxHeapSize                         := 1040187392       {product}
java version "1.6.0_22"
Java(TM) SE Runtime Environment (build 1.6.0_22-b04-307-10M3261)
Java HotSpot(TM) 64-Bit Server VM (build 17.1-b03-307, mixed mode)
toomasr@cigarillo-2:~$ java -client -XX:+UnlockDiagnosticVMOptions -XX:+PrintFlagsFinal -version | grep -i heapsize
uintx ErgoHeapSizeLimit                    = 0                {product}
uintx InitialHeapSize                      = 0                {product}
uintx LargePageHeapSizeThreshold           = 134217728        {product}
uintx MaxHeapSize                          = 130862280        {product}
java version "1.6.0_22"
Java(TM) SE Runtime Environment (build 1.6.0_22-b04-307-10M3261)
Java HotSpot(TM) 64-Bit Server VM (build 17.1-b03-307, mixed mode)

If there is an easier way, let me know. Will put this one on my tool belt at the moment.

cool / creative3 Comments
27
Dec 10

Fling – Game of Furballs

Couple of months ago a mere 100 lines of Python inspired me to hack on a project for hours and hours from my free time for fun and profit, spend 10 USD on a domain name and play a prank on an investor.

This post is an intro as how this all started out. I sure hope I get around to write the other posts (see the end of the post for a list of potential subjects).

I stumbled upon an iPhone game called Fling that I still play every now and then (I purchased it about a year ago). The game is a puzzle game and your mission (should you choose to accept it) is to fling furballs into each other and the ones closest to the edges are flung off the board.

See the animated GIF for a live demo or check out the video on Youtube. Once the board has just a single furball you’ve won!

As you progress the number of Furballs per level increases and finding a solution takes more time. At certain levels it takes a lot of time. Kind of reminds me of really difficult chess puzzles that can steal an hour or two from you.

The puzzle got so popular amongst colleagues of mine from ZeroTurnaround that during lunch we would place an iPad on the table with one of the levels and who ever found it interesting would give it a shot at some difficult level.

One time over lunch we theorized on how to solve a puzzle of this sort in algorithmic terms. We had different approaches and time estimates but one of the colleagues showed up with a Python solution the next day. Took him less than 90 minutes (apparently attended a not so interesting lecture). And in terms of time complexity we figured that on every move every furball has len(furballs) - 1 furballs to kick out so (n-1)! should be a rough upper bound estimate.

These 100 lines of Python code started a chain reaction of learning more Python, detecting furballs from screenshots, solving the puzzle by outputting images with the moves, email exchange with the author and prank pitching him as an investor, writing an email frontend (you can send in your screenshot), profiling Python, checking out Jython and hopefully some more blog posts on the subject.

coolNo Comments
4
Aug 10

Master Debugging Class: RMI

Today we had a most interesting encounter with the quirks of our environment and RMI. We use RMI in our new LiveRebel product to connect the management console to the remote agents. Commonly, the agent code is obfuscated by Proguard. However as obfuscation renames the classes it prevents us from doing any debugging, so I made a vanilla build and started the debugger.

BOOM! The particular method I needed to call throws an exception “java.rmi.UnmarshalException: unrecognized method hash: method not supported by remote object”. Googling tells me that this usually means that different classes are deployed on the client and server, so I spend the next half an hour making sure that the JAR on the client and server is exactly the same. A complicating condition is that this particular method returns an object from a third-party library, and to avoid conflicts with the user code we rename the package of that library using JarJar.

As I establish beyond reasonable or unreasonable doubt that the JAR really is the same I start looking into other potential issues. As the exception reports the hash to be missing I start looking into how the hash is calculated for the RMI calls. A fair amount of debugger stepping (a useful tip is that you can put a method breakpoint even if you don’t have the code) reveals that sun.rmi.server.Util.computeMethodHash() calculates the hash using the digest of the method name and signature. Not much room for mistakes there, but nevertheless I put a method breakpoint on UnicastServerRef.dispatch(), which is the last call in the stack trace and dump hashes for all methods in the target class from a static map.

Next I make sure that the hashes are the same on client and server. Decompiling the RMI Stub shows that it includes the precalculated hashes in the call. First check on a different method that I know to work shows that the hashes are the same. But the hash for the problematic method is different in the Stub than in the server map. WTF is wrong?

Here I probably should have verified the next assumptions, but luckily an epiphany interferes. Turns out that the rmic compiler is called before the third-party library is renamed, so the hash is calculated with the wrong packages in the signature. As the JarJar will then rename the signature in the Stub class, it is almost impossible to notice. However the last remaining question is why the hell did it work at all? The hashes should have been different all the time, not just in the vanilla build. A little digging reveals, that as Proguard commonly renames the classes in RMI signatures it will go and fix the RMI hash for you.

EOF

cool / humour8 Comments
7
Jul 10

When Manners Run Out – Story of a Website Theft

A guest post from our intern Tony. He has traveled all the way from North-America just to learn the ropes of programming and IT culture from us. He’s last week’s priority 2 task was to handle our site being stolen problem.

A few months ago we discovered that our website (http://www.zeroturnaround.com) had been stolen by jbrute.info (I won’t link it, you need to copy-paste yourself), in every sense of the word. (HTML, CSS, JavaScript, even our logo, HOTLINKED!) A simple side-by-side screenshot will show you the extent of their blatant behavior.

Furious as we were, we managed to keep our manners and reached out (tried to at least) to the author of of jbrute.info and their hosting provider. Sadly, the only response we ever had other than SMTP MAIL CANNOT BE DELIVERED is a canned email instructing us how to write a formal DMCA takedown notice.

We then turned to starting a blog post and asking your help on what you would do in our shoes. As Karl Marx would put it, “the power of the people is strong”, and before long the community came up with a few nothing-less-than-brilliant ideas. (We are not Communists and are not related to the Tsars in anyway, I promise, even though our operational base in Central Estonia might lead you to think otherwise :P)

In particular, Joe Walnes pointed out that since jbrute.info hotlinks .php files and JavaScript from our website, by “check[ing] the HTTP_REFERER, [we] can conditionally change the contents, and with JavaScript [we] can make the page look however [we] want.”

Sadly, life got busy and almost three months suddenly went by, and this little incident was nearly forgotten. Last week, we stumbled upon JBrute once again… Finally we got around to acting on Joe’s advice and, in the most hackish fashion, decided to take it upon ourselves to deliver a truly custom “DMCA Takedown notice” over two glasses of beer. Here is a screenshot of the finished work :) We encourage you to check out jbrute.info (this time I linked :( ) for yourself.

Just to prove our point, we bring you the pseudo xkcd comic.

I hope you enjoyed our little mischief. We’ll keep you posted on the status of jbrute over the coming days following this post and we’ll follow up next week with the technical details – How to un-hack a website! Keep tuned :)

← Older Entries
Newer Entries →