
I received a crash in iOS 12.

The way to reproduce:

1. Play a video with UIWebView; the video will then play in full screen.

2. After the video starts playing, tap the top-left reduce button to stop the video.

3. Replay it, and the video will still be in full screen.

4. Repeat steps 2 and 3 several times.

5. At normal speed, after at most 10 times, the crash will occur.

Some detail info of the crash:

Hardware Model:      iPhone10,3
Code Type:           ARM-64 (Native)
Role:                Non UI
Parent Process:      launchd [1]

Date/Time:           2018-10-08 18:59:20.8570 +0800
Launch Time:         2018-10-08 18:58:58.7757 +0800
OS Version:          iPhone OS 12.0 (16A366)

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x000047c300000111
VM Region Info: 0x47c300000111 is not in any region.  Bytes after previous region: 78891569905938  
  REGION TYPE                      START - END             [ VSIZE] PRT/MAX SHRMOD  REGION DETAIL
  MALLOC_NANO            0000000280000000-00000002a0000000 [512.0M] rw-/rwx SM=PRV  
--->  
  UNUSED SPACE AT END

Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [658]
Triggered by Thread:  0

Thread 0 name:  Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0   WebCore                         0x00000001be5f4270 VideoFullscreenControllerContext::rateChanged+ 4784752 (bool, float) + 308
1   WebCore                         0x00000001be5f4164 VideoFullscreenControllerContext::rateChanged+ 4784484 (bool, float) + 40
2   libdispatch.dylib               0x00000001b529b6c8 _dispatch_call_block_and_release + 24
3   libdispatch.dylib               0x00000001b529c484 _dispatch_client_callout + 16
4   libdispatch.dylib               0x00000001b527bb44 _dispatch_main_queue_callback_4CF$VARIANT$armv81 + 1012
5   CoreFoundation                  0x00000001b57f21bc __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ + 12
6   CoreFoundation                  0x00000001b57ed084 __CFRunLoopRun + 1964
7   CoreFoundation                  0x00000001b57ec5b8 CFRunLoopRunSpecific + 436
8   GraphicsServices                0x00000001b7a60584 GSEventRunModal + 100
9   UIKitCore                       0x00000001e2117558 UIApplicationMain + 212
10  xxxx                            0x00000001023d29e4 main + 59876 (main.m:16)
11  libdyld.dylib                   0x00000001b52acb94 start + 4

Thread 1 name:  JavaScriptCore bmalloc scavenger
Thread 1:
0   libsystem_kernel.dylib          0x00000001b53f8f0c __psynch_cvwait + 8
1   libsystem_pthread.dylib         0x00000001b547a4c8 _pthread_cond_wait$VARIANT$armv81 + 620
2   libc++.1.dylib                  0x00000001b49c44d0 std::__1::condition_variable::wait+ 34000 (std::__1::unique_lock<std::__1::mutex>&) + 24
3   JavaScriptCore                  0x00000001bcb5bd7c void std::__1::condition_variable_any::wait<std::__1::unique_lock<bmalloc::Mutex> >+ 376188 (std::__1::unique_lock<bmalloc::Mutex>&) + 104
4   JavaScriptCore                  0x00000001bcb5fe70 bmalloc::Scavenger::threadRunLoop+ 392816 () + 176
5   JavaScriptCore                  0x00000001bcb5f5a4 bmalloc::Scavenger::Scavenger+ 390564 (std::__1::lock_guard<bmalloc::Mutex>&) + 0
6   JavaScriptCore                  0x00000001bcb61050 std::__1::__thread_specific_ptr<std::__1::__thread_struct>::set_pointer+ 397392 (std::__1::__thread_struct*) + 0
7   libsystem_pthread.dylib         0x00000001b547d2fc _pthread_body + 128
8   libsystem_pthread.dylib         0x00000001b547d25c _pthread_start + 48
9   libsystem_pthread.dylib         0x00000001b5480d08 thread_start + 4

Thread 2 name:  WebThread
Thread 2:
0   libsystem_kernel.dylib          0x00000001b53eded0 mach_msg_trap + 8
1   libsystem_kernel.dylib          0x00000001b53ed3a8 mach_msg + 72
2   libdispatch.dylib               0x00000001b526d630 _dispatch_mach_send_and_wait_for_reply + 500
3   libdispatch.dylib               0x00000001b526dad0 dispatch_mach_send_with_result_and_wait_for_reply$VARIANT$armv81 + 56
4   libxpc.dylib                    0x00000001b54b4eb4 xpc_connection_send_message_with_reply_sync + 204
5   CoreMedia                       0x00000001b8f1176c FigXPCRemoteClientSendSyncMessageCreatingReply + 36
6   MediaToolbox                    0x00000001ba4e5868 remoteXPCAsset_GetStatusOfValueForProperty + 152
7   AVFoundation                    0x00000001bb954930 -[AVFigAssetInspectorLoader _loadStatusForProperty:figAsset:error:] + 84
8   AVFoundation                    0x00000001bb954af4 -[AVFigAssetInspectorLoader statusOfValueForKey:error:] + 312
9   WebCore                         0x00000001be232e98 WebCore::MediaPlayerPrivateAVFoundationObjC::assetStatus+ 847512 () const + 248
10  WebCore                         0x00000001be2213a8 WebCore::MediaPlayerPrivateAVFoundation::updateStates+ 775080 () + 764
11  WebCore                         0x00000001be23dcec WebCore::MediaPlayerPrivateAVFoundationObjC::rateDidChange+ 892140 (double) + 24
12  WebCore                         0x00000001be2222bc WebCore::MediaPlayerPrivateAVFoundation::dispatchNotification+ 778940 () + 1064
13  JavaScriptCore                  0x00000001bcb273e0 WTF::dispatchFunctionsFromMainThread+ 160736 () + 308
14  Foundation                      0x00000001b63135a0 __NSThreadPerformPerform + 336
15  CoreFoundation                  0x00000001b57f25b8 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 24
16  CoreFoundation                  0x00000001b57f2538 __CFRunLoopDoSource0 + 88
17  CoreFoundation                  0x00000001b57f1e1c __CFRunLoopDoSources0 + 176
18  CoreFoundation                  0x00000001b57ecce8 __CFRunLoopRun + 1040
19  CoreFoundation                  0x00000001b57ec5b8 CFRunLoopRunSpecific + 436
20  WebCore                         0x00000001be613ba4 RunWebThread+ 4914084 (void*) + 592
21  libsystem_pthread.dylib         0x00000001b547d2fc _pthread_body + 128
22  libsystem_pthread.dylib         0x00000001b547d25c _pthread_start + 48
23  libsystem_pthread.dylib         0x00000001b5480d08 thread_start + 4

Does anyone have any idea?

P.S. There is a similar question at Multiple UIWebView WebCore Crashes

Y.Will

0 Answers