Bug 197877

Summary: WebCore crash on RenderTreeBuilder when play video within webview
Product: WebKit Reporter: lidj <lidjxy>
Component: MediaAssignee: Nobody <webkit-unassigned>
Status: NEW ---    
Severity: Major CC: ap, bfulgham, dino, eric.carlson, jer.noble, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Local Build   
Hardware: iPhone / iPad   
OS: iOS 12   

Description lidj 2019-05-14 03:35:25 PDT 
WebCore	
WTFCrashWithInfo(int, char const*, char const*, int) + 20
1
WebCore	
WebCore::RenderTreeBuilder::RenderTreeBuilder(WebCore::RenderView&) + 358
2	WebCore	
WebCore::RenderTreeUpdater::tearDownRenderers(WebCore::Element&) + 44
3	WebCore	
WebCore::ContainerNode::removeBetween(WebCore::Node*, WebCore::Node*, WebCore::Node&) + 140
4	WebCore	
WebCore::ContainerNode::removeChild(WebCore::Node&) + 644
5	WebCore	
WebCore::VTTCue::removeDisplayTree() + 136
6	WebCore	
WebCore::HTMLMediaElement::updateActiveTextTrackCues(WTF::MediaTime const&) + 5828
7	WebCore	
WTF::Function<void ()>::CallableWrapper<WebCore::HTMLMediaElement::updateActiveTextTrackCues(WTF::MediaTime const&)::$_22>::call() + 172
8	AVFoundation	
__67-[AVOccasionalTimebaseObserver initWithTimebase:times:queue:block:]_block_invoke_4 + 68


the stack of function calls, the iOS system is iOS 12.2, and the webkit version is 607.1.40 i think.
Comment 1 Alexey Proskuryakov 2019-05-15 14:26:22 PDT 
Thank you for the report! Is this at least semi-reproducible, or a one off?

For Apple folks: crash point matches rdar://problem/36153631&47826223&47826975&40373156&39302087, but those issues look different.
Comment 2 lidj 2019-05-15 19:39:16 PDT 
(In reply to Alexey Proskuryakov from comment #1)
> Thank you for the report! Is this at least semi-reproducible, or a one off?
> 
> For Apple folks: crash point matches
> rdar://problem/36153631&47826223&47826975&40373156&39302087, but those
> issues look different.

it's a reproducible bug, only iOS 12.
github issue:https://github.com/youtube/youtube-ios-player-helper/issues/322
Comment 3 Alexey Proskuryakov 2019-05-16 11:59:42 PDT 
I cannot reproduce the crash with iOS 12.2.
Comment 4 Radar WebKit Bug Importer 2019-05-16 12:00:01 PDT 
<rdar://problem/50862123>