1

Like this question - I'm trying to load in an existing jfr file that has been recorded on another machine external to our organisation. I now want to deobfuscate the information, either as a plugin for JDK Mission Control, or as a utility for reading in a jfc file and writing out a de-obfuscated version.

My class does the relevant implementation of the API

public class JFRProcessor implements IParserExtension {
//impementation details below

And I have tested it (successfully) with the following

List<File> files = new ArrayList<>();
files.add(new File("/user/rafe/Input001.jfr"));
    
List<IParserExtension> extensions = new ArrayList<>();
extensions.add(new JFRProcessor());

IItemCollection events = JfrLoaderToolkit.loadEvents(files, extensions);
    
//write out to xml to validate the change
RecordingPrinter printer = new RecordingPrinter(new PrintWriter(new File("/user/rafe/Output0001.xml")), Verbosity.HIGH, false);
printer.print(events);

When I then try to export this as a jar, I have the fully qualified classname (com.extension.JFRProcessor) in the relevant META-INF/services/org.openjdk.jmc.flightrecorder.parser.IParserExtension file - and JDK Mission Control doesn't do anything with the plugin (when put in the drop-ins directory).

This was then verified by exporting the jar and in a separate project (with the exported jar in the build path):

ServiceLoader<IParserExtension> loader = ServiceLoader.load(IParserExtension.class,
            IParserExtension.class.getClassLoader());

Another approach that I took was to write out the events:

I have also tried using the latest SNAPSHOT release of JDK Mission Control with the new Recordings class in org.openjdk.jmc.flightrecorder.writer.api but I am struggling to see how to get between the IItemCollection and any useful data to feed into the Recording instance that I'm trying to rewrite into.

final Recording rec = Recordings.newRecording("/user/rafe/Output-001.jfr");
events.forEach(event -> {
    IType<IItem> type = event.getType();
    rec.writeEvent(typedValue);
});

Any help would be appreciated for either approach - as I'm struggling to see how to use this without de-obfuscating the data first!

Rafe
  • 512
  • 1
  • 4
  • 15
  • FWIW. It will not help you now, but we are currently looking into adding filtering capabilities to the JDK\bin\jfr tool. One functionality we are considering is a way to translate string values, for example. $jfr filter --translate filter.prop i--output scrubbed.jfr recording.jfr where filter.prop contains key-value pairs that should be replaced. It could be used for i18n, deobfuscation and remove security related text, for example IP-addesses. https://bugs.openjdk.java.net/browse/JDK-8271232 It will be able to operate on recording files from earlier releases as well. – Kire Haglin Aug 16 '21 at 17:00
  • Thanks for that information - it would certainly make the jfr files more usable. – Rafe Aug 17 '21 at 00:34
  • Seems there is an open issue for issues with the dropins folder: https://bugs.openjdk.java.net/browse/JMC-5994 – Rafe Aug 17 '21 at 04:46

0 Answers0