JNI Environment pointer in a static c++ object and calling a java function taking a string argument twice in a row crashes the JVM

Question

So on my commentators request I have finally found an MCVE that reproduces my error. So the general setup is that Java uses JNI to call into a dll, and the dll grabs hold of the running JVM and stores a pointer to the JNIEnv, which it uses to call methods in a java class (the java class being called from c++ is not necessarily the original calling java object, which is why the input jobject is not used for the callbacks). Before I explain any further just let me post all the code:

JniTest.java

package jnitest;

public class JniTestJava {
  public static void main(String[] args) {

    try {
      System.load("<path-to-dll>");
    } catch (Throwable e) {
      e.printStackTrace();
    }

    DllFunctions dllFunctions = new DllFunctions();
    dllFunctions.setup();
    dllFunctions.singleIntFunctionCall();
    dllFunctions.doubleIntFunctionCall();
    dllFunctions.singleStringFunctionCall();
    dllFunctions.doubleStringFunctionCall();
  }

  public void javaStringFunction(String input){
    System.out.println(input);
  }

  public void javaIntFunction(int input){
    System.out.println(input);
  }
}

DllFunctions.java

package jnitest;

public class DllFunctions{
  public native void singleIntFunctionCall();
  public native void doubleIntFunctionCall();
  public native void singleStringFunctionCall();
  public native void doubleStringFunctionCall();

  public native void setup();
}

JniTestCpp.h

#include <jni.h>
#ifndef _Included_jnitest_JniTestJava
#define _Included_jnitest_JniTestJava
#ifdef __cplusplus

extern "C" {
#endif
  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_setup(JNIEnv* java_env, jobject);
  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_singleIntFunctionCall(JNIEnv* java_env, jobject);
  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_doubleIntFunctionCall(JNIEnv* java_env, jobject);
  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_singleStringFunctionCall(JNIEnv* java_env, jobject);
  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_doubleStringFunctionCall(JNIEnv* java_env, jobject);

#ifdef __cplusplus
}
#endif
#endif

JniTestCpp.cpp

#include "JniTestCpp.h"
#include "JniTestClass.h"

JniTestClass jniTestClass;
extern "C"
{
  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_setup(JNIEnv* java_env, jobject) {
    jniTestClass.setup();
  }

  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_singleIntFunctionCall(JNIEnv* java_env, jobject) {
    jniTestClass.callJavaIntFunction();
  }

  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_doubleIntFunctionCall(JNIEnv* java_env, jobject) {
    jniTestClass.callJavaIntFunction();
    jniTestClass.callJavaIntFunction();
  }

  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_singleStringFunctionCall(JNIEnv* java_env, jobject) {
    jniTestClass.callJavaStringFunction();
  }

  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_doubleStringFunctionCall(JNIEnv* java_env, jobject) {
    jniTestClass.callJavaStringFunction();
    jniTestClass.callJavaStringFunction();
  }
}

JniTestClass.h

#include <jni.h>

class JniTestClass {
  typedef jint(JNICALL * GetCreatedJavaVMs)(JavaVM**, jsize, jsize*);
public:
  void setup();
  void callJavaStringFunction();
  void callJavaIntFunction();
  void throwException(jthrowable ex);

private:
  jobject myObject;
  jclass myClass;
  JNIEnv* env;
};

JniTestClass.cpp

#include "JniTestClass.h"
#include <Windows.h>
#include <fstream>

void JniTestClass::setup() {
  jint jni_version = JNI_VERSION_1_4;
  GetCreatedJavaVMs jni_GetCreatedJavaVMs;
  jsize nVMs = 0;

  jni_GetCreatedJavaVMs = (GetCreatedJavaVMs) GetProcAddress(GetModuleHandle(
    TEXT("jvm.dll")), "JNI_GetCreatedJavaVMs");
  jni_GetCreatedJavaVMs(NULL, 0, &nVMs); 
  JavaVM** buffer = new JavaVM*[nVMs];
  jni_GetCreatedJavaVMs(buffer, nVMs, &nVMs); 
  buffer[0]->GetEnv((void **) &env, jni_version);
  delete buffer;

  myClass = env->FindClass("jnitest/JniTestJava");
  myObject = env->NewObject(myClass, env->GetMethodID(myClass, "<init>", "()V"));
}

void JniTestClass::callJavaStringFunction() {
  jmethodID myMethod = env->GetMethodID(myClass, "javaStringFunction", "(Ljava/lang/String;)V");
  if (env->ExceptionCheck()) {
    throwException(env->ExceptionOccurred());
  }

  env->CallVoidMethod(myObject, myMethod, env->NewStringUTF("String!"));
  if (env->ExceptionCheck()) {
    throwException(env->ExceptionOccurred());
  }
}

void JniTestClass::callJavaIntFunction() {
  jmethodID myMethod = env->GetMethodID(myClass, "javaIntFunction", "(I)V");
  if (env->ExceptionCheck()) {
    throwException(env->ExceptionOccurred());
  }

  env->CallVoidMethod(myObject, myMethod, 1);
  if (env->ExceptionCheck()) {
    throwException(env->ExceptionOccurred());
  }
}

void JniTestClass::throwException(jthrowable ex) {
  env->ExceptionClear();
  jclass clazz = env->GetObjectClass(ex);
  jmethodID getMessage = env->GetMethodID(clazz,
                                          "toString",
                                          "()Ljava/lang/String;");
  jstring message = (jstring) env->CallObjectMethod(ex, getMessage);
  const char *mstr = env->GetStringUTFChars(message, NULL);

  printf("%s \n", mstr);
  throw std::runtime_error(mstr);
}

The intent here is that JniTestCpp should only have JNI exported functions and no declared classes. The idea behind the JniTestClass is that it should hold all the JNI pointers and variables (object, class and environment pointer) and provide methods that JniTestCpp can use.

Now, the way this code is presented it crashes on the dllFunctions.doubleStringFunctionCall(); call in JniTest.java with the following output:

1
1
1
String!
#
# A fatal error has been detected by the Java Runtime Environment:
#
#  EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x6e306515, pid=1268, tid=8028
#
# JRE version: Java(TM) SE Runtime Environment (7.0_80-b15) (build 1.7.0_80-b15)
# Java VM: Java HotSpot(TM) Client VM (24.80-b11 mixed mode, sharing windows-x86 )
# Problematic frame:
# V  [jvm.dll+0xc6515]

and below I have shown the 10 top stack frames from the hs_err_pidXXX.log file:

Stack: [0x02150000,0x021a0000],  sp=0x0219f49c,  free space=317k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
V  [jvm.dll+0xc6515]
V  [jvm.dll+0xc66c9]
C  [JniTestCpp.dll+0x13d52]  JNIEnv_::GetMethodID+0x42
C  [JniTestCpp.dll+0x14ecf]  JniTestClass::callJavaStringFunction+0x3f
C  [JniTestCpp.dll+0x16068]      Java_jnitest_DllFunctions_doubleStringFunctionCall+0x28
j  jnitest.DllFunctions.doubleStringFunctionCall()V+0
j  jnitest.JniTestJava.main([Ljava/lang/String;)V+38
v  ~StubRoutines::call_stub
V  [jvm.dll+0x1429aa]
V  [jvm.dll+0x20743e]

What suprises me is that if I, in JniTestCpp.cpp don't declare JniTestClass jniTestClass as a static object, but rather declare it and call setup() on it in each method like shown below, it does not crash, but produces the expected results. Also, I must say that it is rather strange that i works when calling doubleIntFunctionCall(); but not doubleStringFunctionCall();

JniTestCpp.cpp - This does not crash

#include "JniTestCpp.h"
#include "JniTestClass.h"

extern "C"
{
  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_setup(JNIEnv* java_env, jobject) {
    JniTestClass jniTestClass;
    jniTestClass.setup();
  }

  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_singleIntFunctionCall(JNIEnv* java_env, jobject) {
    JniTestClass jniTestClass;
    jniTestClass.setup();
    jniTestClass.callJavaIntFunction();
  }

  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_doubleIntFunctionCall(JNIEnv* java_env, jobject) {
    JniTestClass jniTestClass;
    jniTestClass.setup();
    jniTestClass.callJavaIntFunction();
    jniTestClass.callJavaIntFunction();
  }

  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_singleStringFunctionCall(JNIEnv* java_env, jobject) {
    JniTestClass jniTestClass;
    jniTestClass.setup();
    jniTestClass.callJavaStringFunction();
  }

  JNIEXPORT void JNICALL Java_jnitest_DllFunctions_doubleStringFunctionCall(JNIEnv* java_env, jobject) {
    JniTestClass jniTestClass;
    jniTestClass.setup();
    jniTestClass.callJavaStringFunction();
    jniTestClass.callJavaStringFunction();
  }
}

Sorry for the long post, but this was the only way I felt like I was able to unambiguously present my problem.

UPDATE

In function void JniTestClass::callJavaStringFunction() , if i change it to the following:

void JniTestClass::callJavaStringFunction() {
  jmethodID myMethod = env->GetMethodID(myClass, "javaStringFunction", "(Ljava/lang/String;)V");
  if (env->ExceptionCheck()) {
    throwException(env->ExceptionOccurred());
  }

  jstring j_string = env->NewStringUTF("String!");
  env->CallVoidMethod(myObject, myMethod, j_string);
  if (env->ExceptionCheck()) {
    throwException(env->ExceptionOccurred());
  }

  env->DeleteLocalRef(j_string);
}

where I now call DeleteLocalRef() on the jstring created with NewStringUTF() , the program still crashes but prints out this exception message:

java.lang.NoSuchMethodError: javaStringFunction

Answer 1

There are several mistakes in your code.

1. jobject myObject and jclass myClass are reused across JNI calls.

   All jobjects created inside a JNI method are local references by default. Whenever a JNI method returns, all local references are automatically released.

   If you want to reuse jobject (or jclass which is also an object reference) across method calls, you should convert it to a global reference using NewGlobalRef . When a global reference is no longer needed, it should be deleted by DeleteGlobalRef , otherwise referenced object will never be garbage-collected.

2. JNIEnv* is cached.

   In general, JNIEnv* should never be stored for later reuse. Instead you should use JNIEnv* provided as the first argument to each JNI function. Alternatively it may be obtained by GetEnv call. Note that each thread has its own JNIEnv* which is not applicable to other threads.