iOS crash in CFStringGetLength in CoreFoundation

Question

I'm getting a crash that, to me, seems as though it is a bug in the way that Apple is handling the goToDefaultLocation message of MKMapView. That message in turn calls [ALCityManager localeWithCode:], which calls [NSLocale componentsFromLocaleIdentifier:] which calls CFLocaleCreateComponentsFromLocaleIdentifier which calls CFStringGetLength and the crash occurs.

Can someone help to point me in the direction of either fixing the bug, if it is my code that is causing this, or, helping me find a workaround if, in fact, this is a bug in Apple's code (unlikely??).

Crash log below:

Incident Identifier: 84198BB6-45BD-493B-955F-75CCB5246DDD
CrashReporter Key:   7dbf53bf1f1a3635d7c3c49e726dedc609ed9f3a
Hardware Model:      iPhone3,1
Process:         MyApp [340]
Path:            /var/mobile/Applications/DCE9A5A1-8E24-4D4F-A1ED-9855C6CA1742/MyApp.app/MyApp
Identifier:      MyApp
Version:         ??? (???)
Code Type:       ARM (Native)
Parent Process:  launchd [1]

Date/Time:       2011-03-25 10:36:06.382 -0700
OS Version:      iPhone OS 4.3 (8F190)
Report Version:  104

Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x00000000
Crashed Thread:  0

Thread 0 name:  Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0   CoreFoundation                  0x00009a66 CFStringGetLength + 6
1   CoreFoundation                  0x0002f994 CFLocaleCreateComponentsFromLocaleIdentifier + 60
2   CoreFoundation                  0x000483b8 +[NSLocale componentsFromLocaleIdentifier:] + 12
3   AppSupport                      0x00016eee -[ALCityManager localeWithCode:] + 130
4   MapKit                          0x00038488 -[MKMapView goToDefaultLocation] + 80
5   Foundation                      0x000907c6 __NSFireTimer + 130
6   CoreFoundation                  0x00075a40 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 8
7   CoreFoundation                  0x00077ec4 __CFRunLoopDoTimer + 844
8   CoreFoundation                  0x0007883e __CFRunLoopRun + 1082
9   CoreFoundation                  0x00008ebc CFRunLoopRunSpecific + 224
10  CoreFoundation                  0x00008dc4 CFRunLoopRunInMode + 52
11  GraphicsServices                0x00004418 GSEventRunModal + 108
12  GraphicsServices                0x000044c4 GSEventRun + 56
13  UIKit                           0x0002ed62 -[UIApplication _run] + 398
14  UIKit                           0x0002c800 UIApplicationMain + 664
15  MyApp                               0x000023f0 main (main.m:34)
16  MyApp                               0x00002370 start + 44

Answer 1

I got exactly the same crash reports, ONLY with iOS 4.3 / 4.3.1 AND iPhone 3GS/4 (armv7)

I think it is an Apple Bug, iOS4.3 has others ugly regressions concerning MapKit. (like the MKReverseGeocoder early releasing crash...)

1. An easy workaround would be to override -[MKMapView goToDefaultLocation] but at the risk of an Apple rejection since it is a private API... (Rejected for a bug workaround... I know... People are mean)

2. Another solution would be to analyze (reverse...) CFLocaleCreateComponentsFromLocaleIdentifier and componentsFromLocaleIdentifier: and [ALCityManager localeWithCode:] to understand how it can crash, being called with a nil locale identifier and maybe fix application locale programmatically, since it looks like the error coming from determining user's locale from device settings (or worse, from city/geolocation)... or at least WARN user that its locale settings might cause troubles... Something I just can not(/want to) do, not being able to reproduce that bug.

Answer 2

Well your exception code is EXC_BAD_ACCESS. This is generally a memory-management error (i.e. some bit of code tried to access an object that had already been released/dealloc'ed).

It is possible but very unlikely that this is a bug in Apple/framework code. It's more likely that somewhere in your code you are either over-releasing something or hanging on to an auto-released object instance or otherwise accessing something that shouldn't be accessed.

Given that the crash happened in MapKit, I'd recommend looking at your map-related code for possible sources of this crash. Note that MapKit can be a bit tempermental; I've seen crashes in cases such as attempting to access the LocationManager's current-location when the user has location-services turned off. I'd expect such a case to fail (for instance, by returning a nil location), but not to crash the app.