In a blog post a year ago, we mentioned that a memory leak of objects in JNI can cause a JNI global reference table overflow, which gets the system_server process killed and makes the system reboot.
https://blog.csdn.net/aaajj/article/details/83141985
Log from the system reboot:
pid: 1279, tid: 2518, name: Binder:1279_9 >>> system_server <<<
signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
Abort message: 'art/runtime/indirect_reference_table.cc:132] JNI ERROR (app bug): global reference table overflow (max=51200)'
backtrace:
#00 pc 000000000006d794 /system/lib64/libc.so (tgkill+8)
#01 pc 000000000006abb4 /system/lib64/libc.so (pthread_kill+64)
#02 pc 0000000000024098 /system/lib64/libc.so (raise+24)
#03 pc 000000000001c93c /system/lib64/libc.so (abort+52)
#04 pc 000000000043581c /system/lib64/libart.so (_ZN3art7Runtime5AbortEPKc+464)
#05 pc 00000000000e5e7c /system/lib64/libart.so (_ZN3art10LogMessageD2Ev+1592)
#06 pc 000000000024dd48 /system/lib64/libart.so (_ZN3art22IndirectReferenceTable3AddEjPNS_6mirror6ObjectE+308)
#07 pc 00000000002f2468 /system/lib64/libart.so (_ZN3art9JavaVMExt12AddGlobalRefEPNS_6ThreadEPNS_6mirror6ObjectE+60)
#08 pc 000000000032de8c /system/lib64/libart.so (_ZN3art3JNI12NewGlobalRefEP7_JNIEnvP8_jobject+596)
#09 pc 0000000000101454 /system/lib64/libandroid_runtime.so (_ZN7android20javaObjectForIBinderEP7_JNIEnvRKNS_2spINS_7IBinderEEE+428)
#10 pc 00000000000f5a3c /system/lib64/libandroid_runtime.so
#11 pc 000000007564f254 /data/dalvik-cache/arm64/system@framework@boot-framework.oat (offset 0x19fc000)
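The leaks occurred mainly in javaObjectForIBinder and in the handling of ContentObserver objects. Both places have since been fixed in the Android code:
a process that maliciously registers ContentObservers will be killed by the system because it holds too many BinderProxy objects. The details of this handling can be seen by capturing logs.
Reference APK: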
https://github.com/SundayCool/JNIoverflow
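The following added example (not from the original post or from Android's code) triages a tombstone like the one above: it confirms the global reference table overflow, reads the table limit, and names the frame that called NewGlobalRef, which is how the log points at javaObjectForIBinder. The function names and the trimmed sample text are constructed for illustration.

```python
import re

# Constructed sample: a trimmed copy of the tombstone lines shown in the post.
SAMPLE = """\
pid: 1279, tid: 2518, name: Binder:1279_9 >>> system_server <<<
signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
Abort message: 'art/runtime/indirect_reference_table.cc:132] JNI ERROR (app bug): global reference table overflow (max=51200)'
backtrace:
#06 pc 000000000024dd48 /system/lib64/libart.so (_ZN3art22IndirectReferenceTable3AddEjPNS_6mirror6ObjectE+308)
#07 pc 00000000002f2468 /system/lib64/libart.so (_ZN3art9JavaVMExt12AddGlobalRefEPNS_6ThreadEPNS_6mirror6ObjectE+60)
#08 pc 000000000032de8c /system/lib64/libart.so (_ZN3art3JNI12NewGlobalRefEP7_JNIEnvP8_jobject+596)
#09 pc 0000000000101454 /system/lib64/libandroid_runtime.so (_ZN7android20javaObjectForIBinderEP7_JNIEnvRKNS_2spINS_7IBinderEEE+428)
#10 pc 00000000000f5a3c /system/lib64/libandroid_runtime.so
"""

HEADER = re.compile(r"pid: (\d+), tid: (\d+), name: (\S+)\s+>>> (\S+) <<<")
OVERFLOW = re.compile(r"global reference table overflow \(max=(\d+)\)")
FRAME = re.compile(r"#(\d+) pc [0-9a-f]+\s+(\S+)(?: \((\S+?)\+\d+\))?")

def mangled_names(symbol):
    """Return the nested name components of an Itanium-mangled _ZN...E symbol."""
    if not symbol.startswith("_ZN"):
        return [symbol]
    parts, i = [], 3
    while i < len(symbol) and symbol[i].isdigit():
        j = i
        while j < len(symbol) and symbol[j].isdigit():
            j += 1
        n = int(symbol[i:j])          # length prefix of the next name component
        parts.append(symbol[j:j + n])
        i = j + n
    return parts

def triage(text):
    """Summarise a global-reference-table-overflow tombstone, or return None."""
    hit, head = OVERFLOW.search(text), HEADER.search(text)
    if not (hit and head):
        return None
    caller, seen_new_ref = None, False
    for m in FRAME.finditer(text):
        names = mangled_names(m.group(3)) if m.group(3) else []
        if seen_new_ref:
            # The frame right after NewGlobalRef is the code that took the reference.
            caller = "::".join(names) if names else m.group(2)
            break
        seen_new_ref = bool(names) and names[-1] == "NewGlobalRef"
    return {"process": head.group(4), "pid": int(head.group(1)),
            "thread": head.group(3), "max": int(hit.group(1)), "caller": caller}

print(triage(SAMPLE))
```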
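From now on, the system process system_server will hardly ever hit a reboot caused by JNI global reference table overflow,
so JNI global reference table overflow will fade from developers' view, and may well be forgotten.
Goodbye, JNI global reference table overflow.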