264738 – iOS 17.2 beta 2: Chrome crashes in WebCore::VideoFullscreenInterfaceAVKit::cleanupFullscreen

Bug 264738 - iOS 17.2 beta 2: Chrome crashes in WebCore::VideoFullscreenInterfaceAVKit::cleanupFullscreen

Summary: iOS 17.2 beta 2: Chrome crashes in WebCore::VideoFullscreenInterfaceAVKit::cl...

Status:	RESOLVED MOVED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Media (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2023-11-13 06:01 PST by Ali Juma
Modified:	2023-12-21 15:01 PST (History)
CC List:	4 users (show)

See Also:

Attachments
Crash log (38.39 KB, text/plain) 2023-11-13 06:01 PST, Ali Juma	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ali Juma 2023-11-13 06:01:14 PST

Created attachment 468577 [details]
Crash log

Chrome for iOS is getting a very large number of crash reports in WebCore::VideoFullscreenInterfaceAVKit::cleanupFullscreen in iOS 17.2 beta 2.

For context, this is by far and away our top crash on iOS 17.2 beta 2, over 160X as frequent as the next most common crash.

I've also filed feedback FB13368157 for this.

Attached is a crash log.

Here's the crashing stack:

Exception Type:  EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Termination Reason: SIGNAL 6 Abort trap: 6
Terminating Process: Chrome [2523]

Triggered by Thread:  0

Last Exception Backtrace:
0   CoreFoundation                	0x1950f4860 __exceptionPreprocess + 164 (NSException.m:249)
1   Chrome                        	0x10144d258 0x100268000 + 18764376
2   Chrome                        	0x10144c510 0x100268000 + 18760976
3   libobjc.A.dylib               	0x18d397be0 objc_exception_throw + 60 (objc-exception.mm:356)
4   Foundation                    	0x194654dd8 -[NSAssertionHandler handleFailureInMethod:object:file:lineNumber:description:] + 188 (NSException.m:252)
5   UIKitCore                     	0x1981dda84 -[_UIPhysicalButtonInteraction _registerWithArbiterSkippingEvaluationAndObservation] + 232 (_UIPhysicalButtonInteraction.m:812)
6   UIKitCore                     	0x1981dd6c4 -[_UIPhysicalButtonInteraction _registerWithArbiterIfAble] + 88 (_UIPhysicalButtonInteraction.m:831)
7   UIKitCore                     	0x1981de1e0 -[_UIPhysicalButtonInteraction _didMoveFromWindow:toWindow:] + 252 (_UIPhysicalButtonInteraction.m:0)
8   UIKitCore                     	0x197240568 -[UIView(Internal) _didMoveFromWindow:toWindow:] + 1552 (UIView.m:17489)
9   UIKitCore                     	0x1972c19ac -[UIControl _didMoveFromWindow:toWindow:] + 56 (UIControl.m:738)
10  UIKitCore                     	0x197240204 -[UIView(Internal) _didMoveFromWindow:toWindow:] + 684 (UIView.m:0)
11  UIKitCore                     	0x19723fc8c __45-[UIView(Hierarchy) _postMovedFromSuperview:]_block_invoke + 124 (UIView.m:13576)
12  UIKitCore                     	0x19723fba0 -[UIView _postMovedFromSuperview:] + 484 (UIView.m:13559)
13  UIKitCore                     	0x19723e7fc -[UIView(Internal) _addSubview:positioned:relativeTo:] + 2200 (UIView.m:18243)
14  AVKit                         	0x1be1bfd04 -[AVPlayerView _beginManagingContentViewIfNeeded] + 312 (AVPlayerView_Mobile.m:91)
15  AVKit                         	0x1be1bfe28 -[AVPlayerView setContentView:] + 92 (AVPlayerView_Mobile.m:56)
16  AVKit                         	0x1be18c964 -[AVPlayerViewController _setContentViewOnSelf] + 108 (AVPlayerViewController_Mobile.m:4971)
17  AVKit                         	0x1be18505c -[AVPlayerViewController fullScreenViewControllerWillEndFullScreenPresentation:] + 28 (AVPlayerViewController_Mobile.m:7850)
18  AVKit                         	0x1be19b268 -[AVFullScreenViewController viewWillMoveToWindow:] + 96 (AVFullScreenViewController_Mobile.m:94)
19  UIKitCore                     	0x1972407d0 -[UIView(Hierarchy) _willMoveToWindow:] + 380 (UIView.m:13366)
20  UIKitCore                     	0x1972ae144 __UIViewWillBeRemovedFromSuperview + 660 (UIView.m:12842)
21  UIKitCore                     	0x1972adc7c -[UIView(Hierarchy) removeFromSuperview] + 112 (UIView.m:12928)
22  UIKitCore                     	0x197358d98 __80-[UIPresentationController _initViewHierarchyForPresentationSuperview:inWindow:]_block_invoke_7 + 388 (UIPresentationController.m:1831)
23  UIKitCore                     	0x197358388 -[UIPresentationController transitionDidFinish:] + 128 (UIPresentationController.m:482)
24  UIKitCore                     	0x19790553c -[_UICurrentContextPresentationController transitionDidFinish:] + 44 (_UICurrentContextPresentationController.m:74)
25  UIKitCore                     	0x1979020b0 __56-[UIPresentationController runTransitionForCurrentState]_block_invoke.114 + 320 (UIPresentationController.m:1381)
26  UIKitCore                     	0x197358274 -[_UIViewControllerTransitionContext completeTransition:] + 116 (UIViewControllerTransitioning.m:304)
27  UIKitCore                     	0x1974c0d10 -[UIViewControllerBuiltinTransitionViewAnimator animateTransition:] + 2460 (UIViewControllerBuiltinTransitionViewAnimator.m:128)
28  UIKitCore                     	0x1974c02f0 ___UIViewControllerTransitioningRunCustomTransition_block_invoke_3 + 52 (UIViewControllerTransitioning.m:1323)
29  UIKitCore                     	0x1974c028c +[UIKeyboardSceneDelegate _pinInputViewsForKeyboardSceneDelegate:onBehalfOfResponder:duringBlock:] + 136 (UIKeyboardSceneDelegate.m:3048)
30  UIKitCore                     	0x1974c01c8 ___UIViewControllerTransitioningRunCustomTransition_block_invoke_2 + 196 (UIViewControllerTransitioning.m:1319)
31  UIKitCore                     	0x197407ef0 +[UIView(Animation) _setAlongsideAnimations:toRunByEndOfBlock:] + 180 (UIView.m:15972)
32  UIKitCore                     	0x197407780 _UIViewControllerTransitioningRunCustomTransition + 484 (UIViewControllerTransitioning.m:1308)
33  UIKitCore                     	0x19740525c __56-[UIPresentationController runTransitionForCurrentState]_block_invoke_3 + 1564 (UIPresentationController.m:1434)
34  UIKitCore                     	0x197404c1c +[UIPresentationController _scheduleTransition:] + 80 (UIPresentationController.m:2942)
35  UIKitCore                     	0x1974049d0 -[UIPresentationController runTransitionForCurrentState] + 1560 (UIPresentationController.m:1283)
36  UIKitCore                     	0x197900824 -[UIPresentationController _dismissWithAnimationController:interactionController:target:didFinish:] + 400 (UIPresentationController.m:800)
37  UIKitCore                     	0x1979b5f48 __99-[UIViewController _dismissViewControllerWithAnimationController:interactionController:completion:]_block_invoke_2 + 56 (UIViewController.m:10285)
38  UIKitCore                     	0x1972707a4 +[UIView(Animation) performWithoutAnimation:] + 76 (UIView.m:16017)
39  UIKitCore                     	0x1979b5da8 -[UIViewController _dismissViewControllerWithAnimationController:interactionController:completion:] + 532 (UIViewController.m:10284)
40  UIKitCore                     	0x1972707a4 +[UIView(Animation) performWithoutAnimation:] + 76 (UIView.m:16017)
41  UIKitCore                     	0x1979b53c0 -[UIViewController _dismissViewControllerWithTransition:from:completion:] + 1188 (UIViewController.m:10252)
42  UIKitCore                     	0x1979b4bac -[UIViewController dismissViewControllerWithTransition:completion:] + 1364 (UIViewController.m:10113)
43  UIKitCore                     	0x1979b443c -[UIViewController _performCoordinatedPresentOrDismiss:animated:] + 484 (UIViewController.m:9996)
44  UIKitCore                     	0x1979b6700 -[UIViewController dismissViewControllerAnimated:completion:] + 148 (UIViewController.m:10525)
45  UIKitCore                     	0x1974eeb30 __68-[UIWindow _removeAllViewControllersFromWindowHierarchyFromDealloc:]_block_invoke + 44 (UIWindow.m:2677)
46  UIKitCore                     	0x1974ee2cc +[UIViewController _performWithoutDeferringTransitionsAllowingAnimation:actions:] + 140 (UIViewController.m:8653)
47  UIKitCore                     	0x1974edfe4 -[UIWindow _removeAllViewControllersFromWindowHierarchyFromDealloc:] + 236 (UIWindow.m:2676)
48  UIKitCore                     	0x1973bf690 -[UIWindow setRootViewController:] + 152 (UIWindow.m:2736)
49  WebCore                       	0x1a99bbe68 WebCore::VideoFullscreenInterfaceAVKit::cleanupFullscreen() + 212 (VideoFullscreenInterfaceAVKit.mm:925)
50  WebKit                        	0x1aa230960 WebKit::VideoPresentationManagerProxy::invalidate() + 212 (VideoPresentationManagerProxy.mm:464)
51  WebKit                        	0x1aa3d964c WebKit::WebPageProxy::resetState(WebKit::WebPageProxy::ResetStateReason) + 604 (WebPageProxy.cpp:9106)
52  WebKit                        	0x1aa3d58cc WebKit::WebPageProxy::close() + 1452 (WebPageProxy.cpp:1441)
53  WebKit                        	0x1aa0b361c -[WKWebView dealloc] + 160 (WKWebView.mm:671)
54  libobjc.A.dylib               	0x18d36eb60 AutoreleasePoolPage::releaseUntil(objc_object**) + 196 (NSObject.mm:935)
55  libobjc.A.dylib               	0x18d36e9f8 objc_autoreleasePoolPop + 260 (NSObject.mm:2197)
56  Chrome                        	0x100b683b8 0x100268000 + 9438136
57  Chrome                        	0x100b5ae40 0x100268000 + 9383488
58  Chrome                        	0x100b58c88 0x100268000 + 9374856
59  Chrome                        	0x100b57440 0x100268000 + 9368640
60  CoreFoundation                	0x195039964 __invoking___ + 148 (:-1)
61  CoreFoundation                	0x1950393fc -[NSInvocation invoke] + 428 (NSForwarding.m:3411)
62  CoreFoundation                	0x195039224 -[NSInvocation invokeWithTarget:] + 64 (NSForwarding.m:3508)
63  Chrome                        	0x100e18614 0x100268000 + 12256788
64  CoreFoundation                	0x195039d84 ___forwarding___ + 968 (NSForwarding.m:3654)
65  CoreFoundation                	0x19517ab10 _CF_forwarding_prep_0 + 96 (:-1)
66  Chrome                        	0x100b66cc8 0x100268000 + 9432264
67  Chrome                        	0x100b661e0 0x100268000 + 9429472
68  UIKitCore                     	0x1976e9210 -[UIScene _invalidate] + 476 (UIScene.m:1049)
69  UIKitCore                     	0x198260c00 -[UIWindowScene _invalidate] + 148 (UIWindowScene.m:450)
70  UIKitCore                     	0x19803f254 -[UIApplication workspace:willDestroyScene:withTransitionContext:completion:] + 168 (UIApplication.m:4181)
71  UIKitCore                     	0x197ba3d94 -[UIApplicationSceneClientAgent scene:willInvalidateWithEvent:completion:] + 288 (UIApplicationSceneClientAgent.m:65)
72  FrontBoardServices            	0x1ad49da5c -[FBSScene _callOutQueue_willDestroyWithTransitionContext:completion:] + 224 (FBSScene.m:589)
73  FrontBoardServices            	0x1ad4bf4b0 __84-[FBSWorkspaceScenesClient _queue_invalidateScene:withTransitionContext:completion:]_block_invoke_2 + 280 (FBSWorkspaceScenesClient.m:742)
74  FrontBoardServices            	0x1ad48419c -[FBSWorkspace _calloutQueue_executeCalloutFromSource:withBlock:] + 168 (FBSWorkspace.m:411)
75  FrontBoardServices            	0x1ad4bf340 __84-[FBSWorkspaceScenesClient _queue_invalidateScene:withTransitionContext:completion:]_block_invoke + 248 (FBSWorkspaceScenesClient.m:729)
76  libdispatch.dylib             	0x19cff1300 _dispatch_client_callout + 20 (object.m:561)
77  libdispatch.dylib             	0x19cff4d48 _dispatch_block_invoke_direct + 284 (queue.c:496)
78  FrontBoardServices            	0x1ad480520 __FBSSERIALQUEUE_IS_CALLING_OUT_TO_A_BLOCK__ + 52 (FBSSerialQueue.m:285)
79  FrontBoardServices            	0x1ad4804a0 -[FBSMainRunLoopSerialQueue _targetQueue_performNextIfPossible] + 240 (FBSSerialQueue.m:309)
80  FrontBoardServices            	0x1ad480378 -[FBSMainRunLoopSerialQueue _performNextFromRunLoopSource] + 28 (FBSSerialQueue.m:322)
81  CoreFoundation                	0x19503f2fc __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28 (CFRunLoop.c:1957)
82  CoreFoundation                	0x19503e578 __CFRunLoopDoSource0 + 176 (CFRunLoop.c:2001)
83  CoreFoundation                	0x19503cd2c __CFRunLoopDoSources0 + 244 (CFRunLoop.c:2038)
84  CoreFoundation                	0x19503ba68 __CFRunLoopRun + 828 (CFRunLoop.c:2955)
85  CoreFoundation                	0x19503b648 CFRunLoopRunSpecific + 608 (CFRunLoop.c:3420)
86  GraphicsServices              	0x1d8e7f4f8 GSEventRunModal + 164 (GSEvent.c:2196)
87  UIKitCore                     	0x19745b944 -[UIApplication _run] + 888 (UIApplication.m:3685)
88  UIKitCore                     	0x19745af80 UIApplicationMain + 340 (UIApplication.m:5270)
89  Chrome                        	0x10032f2f4 0x100268000 + 815860
90  Chrome                        	0x10032f364 0x100268000 + 815972
91  dyld                          	0x1b80d5dcc start + 2240 (dyldMain.cpp:1269)

Comment 1 Radar WebKit Bug Importer 2023-11-13 09:14:48 PST

<rdar://problem/118337806>

Comment 2 Andy Estes 2023-11-14 14:54:00 PST

This crash is not due to an issue in WebKit, so I'm going to close this. Further discussion of this issue should occur via FB13368157.

Comment 3 Brent Fulgham 2023-12-21 15:01:49 PST

It looks like UIKit made a fix for this issue, under <rdar://118337806>.

This fix should be in iOS 17.2.