JSONKit appears to be crashing on app load, EXC_BAD_INSTRUCTION (SIGILL)

[Thrawn123]

My app seems to be crashing on some devices on startup after they upgrade to a new version of the app. All the crash reports I have seen all seem to point to JSONKit. Any help/suggestions would be greatly appreciated. JSONKit.h and JSONKit.m are compiled directly into the app. Thank you in advance.

Hardware Model: iPad3,2 Code Type: ARM (Native) OS Version: iOS 6.0 (10A403) Exception Type: EXC_BAD_INSTRUCTION (SIGILL) Exception Codes: 0x0000000000000001, 0x00000000eab40cd7 Crashed Thread: 0

Thread 0 name: Dispatch queue: com.apple.main-thread Thread 0 Crashed: 0 iosapp 0x000e8fe6 jk_collectionClassLoadTimeInitialization (JSONKit.m:638) 1 dyld 0x2ff06628 ImageLoaderMachO::doInitialization(ImageLoader::LinkContext const&) + 16 2 dyld 0x2ff03a3a ImageLoader::recursiveInitialization(ImageLoader::LinkContext const&, unsigned int, ImageLoader::InitializerTimingList&) + 382 3 dyld 0x2ff03874 ImageLoader::runInitializers(ImageLoader::LinkContext const&, ImageLoader::InitializerTimingList&) + 36 4 dyld 0x2fefad04 dyld::initializeMainExecutable() + 172 5 dyld 0x2fefd85c dyld::_main(machoheader const, unsigned long, int, char const, char const, char const_, unsigned long) + 1804 6 dyld 0x2fefa32c dyldbootstrap::start(machoheader const, int, char const__, long, machoheader const, unsigned long*) + 604 7 dyld 0x2fefa064 _dyld_start + 60

Thread 0 crashed with ARM Thread State (32-bit):

[jymmyt]

We are seeing this same crash, but only on the binary downloaded from the App Store. Testing the same binary resigned for AdHoc delivery, we are not able to recreate the issue. Has anyone found a resolution this yet?

[Bo98]

@jymmyt

Is it the same hardware model and/or OS version as what Thrawn123 posted?

[Thrawn123]

I am seeing crash reports like this from both iPads and iPhones. Up to this point they all seem to be iOS 6.

[jymmyt]

All iOS 6, but different h/w models.

[Thrawn123]

The weird thing about it, it only happens when updating the app from the app store. A manual fix that works every time is to delete the app and then redownload it from app store.

[jymmyt]

@Thrawn123 Yes, that is the same behavior we have, it only crashes on update.

[ndfred]

We experienced the exact same issue last week: some users upgrading the app from the App Store on their iOS 6 device had this crash. The crash being on the function call and not on the code inside the function and jk_collectionClassLoadTimeInitialization probably being the first code that runs from within the app, I can only speculate that symbols got mixed up by dyld leading to a "I won't execute garbage" crash.

jk_collectionClassLoadTimeInitialization is the only function in our app that has the __attribute__ ((constructor)) attribute. Maybe using + load is a safer bet, but this bug is impossible to reproduce. It looks like it's quite widespread though, if anyone has a more educated guess please chime in. I'll keep you posted on my end as we investigate the issue.

102 looks related.

[jaunkst]

jk_collectionClassLoadTimeInitialization (JSONKit.m:638)

NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init]; // Though technically not required, the run time environment at load time initialization may be less than ideal.

[ndfred]

After investigating a bit more, some +load methods are called before this JSONKit function is, so the symbols look right.

We have an ARC binary that has JSONKit compiled in with -fno-objc-arc. jk_collectionClassLoadTimeInitialization is the first non-ARC code that is called. Maybe the NSAutoreleasePool call somehow causes the crash. Still investigating.

[pianofab]

Please confirm that you are not using JSONKit within an application compiled with ARC. (JSONKit is not compatible with ARC, see documentation.) See also https://developer.apple.com/library/mac/#documentation/Cocoa/Reference/Foundation/Classes/NSAutoreleasePool_Class/Reference/Reference.html as to the NSAutoreleasePool which is not legal with ARC.

[ndfred]

JSONKit wouldn't even compile if we tried to build it with ARC. As I said, we compiled JSONKit.m with the -fno-objc-arc switch, which allows us to mix ARC and non-ARC code. NSAutoreleasePool is a valid class in a file compiled with -fno-objc-arc.

[ndfred]

Filed radar 12507530 to track the issue.

[DTown]

Got the same issue with my App. Did not change much since the last update, just a some lines of harmless code, that should not make the app crash directly after app start. Reinstalling the App helps, but updating leads to that crash on some devices (iOS6). JSONKit is implemented in the AFNetworking framework, that I use, everything worked fine so far and still works except for that AppStore iOS6 updating problem.

My first thought was, that it is this corrupted binaries problem the app store had in july this year. But this seems to be fixed: http://www.marco.org/2012/07/04/app-store-corrupt-binaries

[mikanx]

With our last update built with xcode 4.5.1 our app crashes on startup, but only with the downloaded appstore version. any other versions (debug, adhoc or release) installed by xcode on the device did not crash. The crash log shows:

Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x00000051 Crashed Thread: 0

Thread 0 name: Dispatch queue: com.apple.main-thread Thread 0 Crashed: 0 myapp 0x00074700 0x34000 + 263936 1 dyld 0x2fe3fc6a ImageLoaderMachO::doInitialization(ImageLoader::LinkContext const&) + 14 2 dyld 0x2fe3d866 ImageLoader::recursiveInitialization(ImageLoader::LinkContext const&, unsigned int, ImageLoader::InitializerTimingList&) + 318 3 dyld 0x2fe3e826 ImageLoader::runInitializers(ImageLoader::LinkContext const&, ImageLoader::InitializerTimingList&) + 34 4 dyld 0x2fe35a3a dyld::initializeMainExecutable() + 266 5 dyld 0x2fe39c16 dyld::_main(machoheader const, unsigned long, int, char const, char const, char const__) + 1430 6 dyld 0x2fe342c8 dyldbootstrap::start(machoheader const, int, char const*_, long, machoheader const) + 572 7 dyld 0x2fe34058 _dyld_start + 48

debugging the app with breakpoint on jk_collectionClassLoadTimeInitialization, shows the same stackframe as shown above (but without crashing) and was called before entering applicationDidFinishLaunching. cause i could not reproduce this crash, i decided to do following steps:

• stop using jsonkit, now using NSJSONSerialization
• disable optimization

so i cross my fingers and released the app again, requesting an expedited review (app was approved and ready for sale after 24hrs). Now the app doesnt crash anymore. But with this solution, you cant support IOS 4.x.

i dont know for sure if jsonkit is the cause. the previous app version with jsonkit didnt crash. Maybe someone find this information useful.

[DTown]

Hi Guys,

Apple gave me the answere that they soved the update problem for my app, so I inserted it in the app store again, and now everything works fine. So maybe you should contact Apple ...

I had the following exception type

Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x00000000

That's what Apple wrote me: We believe this issue has been resolved. If your customers are still encountering any issues with your app crashing upon launch after an update, please let us know.

[ndfred]

Apple sent a re-update of our app earlier last week. Apparently that's a delta update issue specific to some apps on iOS 6 affecting users updating apps from the App Store on their device. To my knowledge, this is not a JSONKit issue. You should contact Apple if you're experiencing such an issue so they either re-update the app or flag your new build as a full update (instead of a delta update).