0

目标:

  • 将 C++ 类绑定Buf到 Java 类Bug
  • 让C++Buf调用Java的方法Bug
  • 不要崩溃(如何?)

目的:

  • 路由std::cout到 Android 应用程序中的文本字段
  • 将 C++ 绑定stringbuf到 JavaOutputStream

爪哇Bug

  • JavaBug的构造函数将构造一个C++Buf
  • JavaBug将其JNIEnvand传递jobject给 C++ Buf
  • JavaBug包含指向 C++ 的指针Buf
  • JavaBugbeep()方法调用 C++Buf::beep()

C++ Buf

  • 存储JNIEnvjobject来自 JavaBug
  • Buf::beep()当它试图找到的 java 类时崩溃jobject

MainActivity.java

  • 使用Native C++ template
  • 安卓工作室
  • 无聊的

错误:

A/org.so.buggy: runtime.cc:663] 
JNI DETECTED ERROR IN APPLICATION: 
    use of invalid jobject 0xffbdfb78 from 
    void org.so.buggy.Bug.beep()

    --------- beginning of crash
A/libc: Fatal signal 6 (SIGABRT), code -1 (SI_QUEUE) in tid
6865 (org.so.buggy), pid 6865 (org.so.buggy)

错误.java:

package org.so.buggy;

// Wrapper for the C++ Buf
public class Bug {
    public Bug() {
        init();
    }
    public native void beep();  // <- Crash here
    private native void init(); // Construct Buf
    private long nativeHandle;  // Pointer to Buf
}

本机-lib.cpp:

#include <jni.h>

class MyBuf {
public:
    MyBuf(JNIEnv *env, jobject obj) :
            _env(env), _obj(obj) {
        _env->GetObjectClass(_obj); // no crash
    };

    void beep() {
        _env->GetObjectClass(_obj); // crash!
    }

private:
    JNIEnv *_env;
    jobject _obj;
};

// -- Manage the Java object's connection -- //
// -- to the C++ object (Buf)             -- //
jfieldID getHandleField(JNIEnv *env, jobject obj) {
    jclass c = env->GetObjectClass(obj);
    return env->GetFieldID(c, "nativeHandle", "J");
}

MyBuf *get_handle(JNIEnv *env, jobject obj) {
    // Get pointer to C++ Buf from the Java object
    jlong handle = env->GetLongField(obj, getHandleField(env, obj));
    return reinterpret_cast<MyBuf *>(handle);
}

void set_handle(JNIEnv *env, jobject obj, MyBuf *instance) {
    // Java object's handle = pointer to C++ Buf
    jlong handle = reinterpret_cast<jlong>(instance);
    env->SetLongField(obj, getHandleField(env, obj), handle);
}

extern "C" void
Java_org_so_buggy_Bug_init(JNIEnv *env, jobject obj) {
    auto *instance = new MyBuf(env, obj);
    set_handle(env, obj, instance);
}

// ---- The beep that crashes the app ---- //
extern "C" void
Java_org_so_buggy_Bug_beep(JNIEnv *env, jobject obj) {
    auto *p = get_handle(env, obj);
    p->beep();
}

MainActivity.java

package org.so.buggy;
import androidx.appcompat.app.AppCompatActivity;
import android.os.Bundle;

public class MainActivity extends AppCompatActivity {
    static {System.loadLibrary("native-lib");}
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        Bug b = new Bug();
        b.beep();
    }
}
4

1 回答 1

-1

你可以添加 Try{} catch{}。有了这些你可以停止你的软件崩溃并顺利运行

于 2020-11-15T06:27:54.733 回答