This document discusses bytecode manipulation in Java. It begins with an overview of bytecode and how it works. It then covers how to manipulate bytecode using tools like Javaassist. Key reasons for manipulating bytecode are discussed, such as program analysis, class generation, security, and transforming classes without source code. The document proposes building a Java agent that tracks MongoDB operations and exposes metrics via JMX. It concludes by asking if anyone has any questions.

1. Byte code manipulation and
instrumentalization in Java
Alex Moskvin
CEO/CTO @ Plexteq

2. About myself
• CEO/CTO Plexteq OÜ
• Ph.D in information technology area
• Interests
• Software architecture
• High loaded systems
• Everything under the hood
• AI/ML + BigData
• Knowledge sharing ;)
• Follow me
• https://twitter.com/amoskvin
• https://www.facebook.com/moskvin.aleksey

3. Agenda
1. What is bytecode
2. How to manipulate byte code
3. Why would we need manipulate byte code
4. Let’s have some fun
1. Java agent
2. Expose java agent metrics via JMX
3. Use Java agent with regular Spring boot application

4. Disclaimer ;)
This talk is based on personal experience.
Use at your own risk.

5. Bytecode
Java bytecode is the result of the compilation of a Java program, an
intermediate representation of that program which is machine
independent.
The Java bytecode gets processed by the Java virtual machine (JVM)
instead of the processor. It is the job of the JVM to make the necessary
resource calls to the processor in order to run the bytecode.

6. Bytecode

7. Bytecode
“A Java programmer does not need to be aware of or understand Java
bytecode at all.”
- Wikipedia

8. Bytecode

9. Bytecode

10. Bytecode
$ javac HelloWorldA.java
$ file HelloWorldA.class
$ cat -v HelloWorldA.class
$ hexdump HelloWorldA.class

11. Bytecode
$ javac HelloWorldA.java
$ file HelloWorldA.class
$ cat -v HelloWorldA.class
$ hexdump HelloWorldA.class

12. Bytecode
• Magic Number: 0xCAFEBABE
• Version of Class File Format: the minor and major versions of the class file
• Constant Pool: Pool of constants for the class
• Access Flags: for example whether the class is abstract, static, etc.
• This Class: The name of the current class
• Super Class: The name of the super class
• Interfaces: Any interfaces in the class
• Fields: Any fields in the class
• Methods: Any methods in the class
• Attributes: Any attributes of the class (for example the name of the
sourcefile, etc.)

13. Bytecode
It’s javap time
https://docs.oracle.com/javase/specs/jvms/se7/html/jvms-6.html

14. Bytecode

15. Bytecode
JVM added constructor for us

16. Bytecode
JVM thread stack
Frame
Operand stack
Each thread of execution that stores frames
that represent method invocations
Each frame holds data, partial results, method return values and
performs dynamic linking
Each frame contains stack, known as Operand stack which holds
the operand values of JVM types

17. Bytecode
Java bytecodes instructions fall into these major categories:
• Load and store
• Method invocation and return
• Control transfer
• Arithmetical operation
• Type conversion
• Object manipulation
• Operand stack management

18. Bytecode
Call to super()
System.out.println(“Hello world”);
• Get System.out value out of a static field (i.e. PrintStream o = java.lang.System.in;)
• Put “Hello world” to operand stack
• Invoke java.io.PrintStream.println method on operant stack

19. Bytecode
More advanced case 

20. Bytecode

21. Bytecode
Compiler time optimization
• “new” allocates StringBuilder object on heap
• “dup” duplicates the value on top of the stack
• “invokevirtual” invokes constructor

22. Bytecode
Happy disassembling!
https://en.wikipedia.org/wiki/Java_bytecode_instruction_listings

23. Bytecode manipulation
• Bytecode is just an array of bytes
• Bytecode of a class represents method declarations with instructions
set
• Java class loading mechanisms allow to load bytecode from
everywhere
• Byte code could be generated at the runtime
• Byte code of application could be changed at runtime using Agents

24. Bytecode manipulation

25. Bytecode manipulation

26. Bytecode manipulation :: Javaassist
• How do we modify bytes using Javassist?

27. Bytecode manipulation :: Javaassist

28. Bytecode manipulation :: Javaassist
• Prerequisites
<dependency>
<groupId>org.javassist</groupId>
<artifactId>javassist</artifactId>
<version>3.23.0-GA</version>
</dependency>
• Limitations
• No syntatic sugar (i.e foreach, full class names)
• No generics support

29. Bytecode manipulation
Let’s code!

30. Bytecode manipulation
Why would we need manipulate byte code?

31. Bytecode manipulation
• Program analysis:
• find bugs in your application
• examine code complexity
• find classes with a specific annotation
• Class generation:
• lazy load data from a database using proxies
• Security:
• restrict access to certain APIs
• code obfuscation
• Transforming classes without the Java source code:
• code profiling / instrumentalization
• code optimization

32. Bytecode manipulation

33. Bytecode manipulation :: Java agent
• We can use a core Java feature introduced in 1.5 to manipulate the
bytecode. This feature is called a Java agent.

34. Bytecode manipulation :: Java agent

35. Bytecode manipulation :: Java agent

36. Bytecode manipulation :: Java agent
public class JavassistAgent
{
public static void premain(String agentArgs, Instrumentation inst) {
System.out.println("Starting the agent");
inst.addTransformer(new ImportantLogClassTransformer());
}
}
public class ImportantLogClassTransformer implements ClassFileTransformer
{
public byte[] transform(ClassLoader loader, String className,
Class classBeingRedefined,
ProtectionDomain protectionDomain,
byte[] classfileBuffer) throws IllegalClassFormatException {
// manipulate the bytes here
return modified bytes;
}
}

37. Bytecode manipulation :: Java agent
manifest.mf
Manifest-Version: 1.0
PreMain-Class: com.example.Agent007

38. Fun
Let’s have some fun!
Good point to start with:
https://github.com/tomsquest/java-agent-asm-javassist-sample

39. Fun
Specifically:
1. Let’s code a Java Agent that gathers invocations to MongoDB Java
driver (insert, update, find) operations
2. Expose stats using JMX
3. Try agent with real Spring boot app

40. Fun :: JMX
Java Management Extensions (JMX) is a Java technology that supplies
tools for managing and monitoring applications, system objects,
devices (such as printers) and service-oriented networks.
Covered by JSR 160
Cool and simple implementation:
https://github.com/j256/simplejmx

41. Questions?

42. We are hiring!