奇怪的KERN_INVALID_ADDRESS例外？

我正面临着一个奇怪的OC异常，看来我正在向已发布的地址发送消息，但是当我

1. 尝试检查它是否为NULL，它仍然崩溃。
2. 尝试调试或添加@try @catch，它捕获了所有内容，但是运行了几天，根本没有崩溃。

例外

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000000010
VM Region Info: 0x10 is not in any region.  Bytes before following region: 4304617456
      REGION TYPE                      START - END             [ VSIZE] PRT/MAX SHRMOD  REGION DETAIL
      UNUSED SPACE AT START
--->  
      __TEXT                        100934000-100a98000        [ 1424K] r-x/r-x SM=COW  ...x/APP

Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL,Code 0xb
Terminating Process: exc handler [18302]
Triggered by Thread:  22

下面的代码不严格，仅显示逻辑（代码在一个串行调度队列中运行）

struct st_type {
    void *arg; 
};

static NSMutableDictionary *dictionary;
    
// init values
void init ()
{

    // there is a static dictionary to retain the object
    dictionary = [[NSMutableDictionary alloc]init];
    
    
    // an object reference saved in dictionary and a struct holds it's pointer
    NSObject *obj = [[NSObject alloc]init];
    
    struct st_type *st = malloc(sizeof(struct st_type));
    st->arg = (__bridge void *)obj;
    dictionary[@"cached"] = obj;
    
    // then the struct * passes to every where,I think it's safe because the object always in the dictionary.
    ...
}


// the only place to release the nsobject,so I think there is no chance to EXC_BAD_ACCESS,but ...
void release_object(struct st_type *st,NSObject obj){
    [dictionary removeObjectForKey:@"cached"];
    st->arg = NULL;
}

// some where to use the struct
void use_struct(struct st_type *st){
    if(st->arg == NULL){
        return;
    }
// if I add try catch,it never crashs
//    @try {   
    NSObject *obj = (__bridge NSObject*)st->arg;
    [obj description]; // crash here.
//    } @catch (NSException *exception) { print some log but it never reaches here... }
}

任何人都可以帮助我解决该错误的下一步吗？

解决方法

void *