Crash with embedded video in UIWebView after iOS 11.3

We use UIWebView to load and play iframe video. Recently, we found crashes while loading another video on iOS 11.3, and they are more likely to happen with an unstable network connection. The crash stack trace looks like this:

Crashed: WebThread
0  JavaScriptCore                 0x189ae4298 JSC::JSLock::DropAllLocks::DropAllLocks(JSC::VM&) + 176
1  JavaScriptCore                 0x189ae426c JSC::JSLock::DropAllLocks::DropAllLocks(JSC::VM&) + 132
2  WebCore                        0x18a827794 SendDelegateMessage(NSInvocation*) + 360
3  WebKitLegacy                   0x18bf43c68 CallDelegate(void (*)(), WebView*, objc_object*, objc_selector*, objc_object*, objc_object*, objc_object*) + 144
4  WebKitLegacy                   0x18beb78d0 WebFrameLoaderClient::dispatchDidFailLoading(WebCore::DocumentLoader*, unsigned long, WebCore::ResourceError const&) + 276
5  WebCore                        0x18a856660 WebCore::ResourceLoadNotifier::didFailToLoad(WebCore::ResourceLoader*, WebCore::ResourceError const&) + 128
6  WebCore                        0x18a856118 WebCore::ResourceLoader::cancel(WebCore::ResourceError const&) + 464
7  WebCore                        0x18a855ea4 WebCore::ResourceLoader::cancel() + 64
8  WebCore                        0x18b757e90 WebCore::CachedResource::removeClient(WebCore::CachedResourceClient&) + 264
9  WebCore                        0x18b71c558 WebCore::MediaResource::~MediaResource() + 64
10 WebCore                        0x18b71c608 WebCore::MediaResource::~MediaResource() + 12
11 libobjc.A.dylib                0x181876ef4 object_cxxDestructFromClass(objc_object*, objc_class*) + 148
12 libobjc.A.dylib                0x181884990 objc_destructInstance + 68
13 libobjc.A.dylib                0x1818849f8 object_dispose + 16
14 WebCore                        0x18bc9b8f0 -[WebCoreNSURLSessionDataTask dealloc] + 320
15 CoreFoundation                 0x18258e4e4 -[__NSDictionaryM dealloc] + 164
16 AVFoundation                   0x1881cccf8 -[AVAssetCustomURLBridgeForNSURLSession dealloc] + 68
17 AVFoundation                   0x188218e54 -[AVAssetResourceLoader dealloc] + 356
18 AVFoundation                   0x1880fc460 -[AVURLAsset dealloc] + 248
19 AVFoundation                   0x188133c34 -[AVPlayerItemTrack dealloc] + 192
20 WebCore                        0x18a945fac WebCore::AVTrackPrivateAVFObjCImpl::~AVTrackPrivateAVFObjCImpl() + 92
21 WebCore                        0x18bc8c9dc WebCore::VideoTrackPrivateAVFObjC::~VideoTrackPrivateAVFObjC() + 48
22 WebCore                        0x18bc8bc7c WebCore::VideoTrack::~VideoTrack() + 96
23 WebCore                        0x18aa1e390 WebCore::TrackEvent::~TrackEvent() + 72
24 JavaScriptCore                 0x189ac2228 void JSC::MarkedBlock::Handle::specializedSweep<true, (JSC::MarkedBlock::Handle::EmptyMode)1, (JSC::MarkedBlock::Handle::SweepMode)1, (JSC::MarkedBlock::Handle::SweepDestructionMode)1, (JSC::MarkedBlock::Handle::ScribbleMode)0, (JSC::MarkedBlock::Handle::NewlyAllocatedMode)1, (JSC::MarkedBlock::Handle::MarksMode)1, JSC::JSDestructibleObjectDestroyFunc>(JSC::FreeList*, JSC::MarkedBlock::Handle::EmptyMode, JSC::MarkedBlock::Handle::SweepMode, JSC::MarkedBlock::Handle::SweepDestructionMode, JSC::MarkedBlock::Handle::ScribbleMode, JSC::MarkedBlock::Handle::NewlyAllocatedMode, JSC::MarkedBlock::Handle::MarksMode, JSC::JSDestructibleObjectDestroyFunc const&) + 212
25 JavaScriptCore                 0x189ac0950 void JSC::MarkedBlock::Handle::finishSweepKnowingHeapCellType<JSC::JSDestructibleObjectDestroyFunc>(JSC::FreeList*, JSC::JSDestructibleObjectDestroyFunc const&)::'lambda'()::operator()() const + 408
26 JavaScriptCore                 0x189ac044c void JSC::MarkedBlock::Handle::finishSweepKnowingHeapCellType<JSC::JSDestructibleObjectDestroyFunc>(JSC::FreeList*, JSC::JSDestructibleObjectDestroyFunc const&) + 320
27 JavaScriptCore                 0x189ac0300 JSC::JSDestructibleObjectHeapCellType::finishSweep(JSC::MarkedBlock::Handle&, JSC::FreeList*) + 32
28 JavaScriptCore                 0x189848538 JSC::MarkedBlock::Handle::sweep(JSC::FreeList*) + 372
29 JavaScriptCore                 0x1898466fc JSC::LocalAllocator::tryAllocateIn(JSC::MarkedBlock::Handle*) + 40
30 JavaScriptCore                 0x189846608 JSC::LocalAllocator::tryAllocateWithoutCollecting() + 48
31 JavaScriptCore                 0x1898464c8 JSC::LocalAllocator::allocateSlowCase(JSC::GCDeferralContext*, JSC::AllocationFailureMode) + 292
32 JavaScriptCore                 0x18982b4b8 JSC::CompleteSubspace::allocateNonVirtual(JSC::VM&, unsigned long, JSC::GCDeferralContext*, JSC::AllocationFailureMode) + 216
33 WebCore                        0x18b20e4ec std::__1::enable_if<!(std::is_same<WebCore::MessageEvent, WebCore::Event>::value), WebCore::JSDOMWrapperConverterTraits<WebCore::MessageEvent>::WrapperClass*>::type WebCore::createWrapper<WebCore::MessageEvent, WebCore::Event>(WebCore::JSDOMGlobalObject*, WTF::Ref<WebCore::Event, WTF::DumbPtrTraits<WebCore::Event> >&&) + 220
34 WebCore                        0x18b20ccb0 WebCore::toJSNewlyCreated(JSC::ExecState*, WebCore::JSDOMGlobalObject*, WTF::Ref<WebCore::Event, WTF::DumbPtrTraits<WebCore::Event> >&&) + 308
35 WebCore                        0x18b20c444 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext&, WebCore::Event&) + 872
36 WebCore                        0x18b448be0 WebCore::EventTarget::fireEventListeners(WebCore::Event&, WTF::Vector<WTF::RefPtr<WebCore::RegisteredEventListener, WTF::DumbPtrTraits<WebCore::RegisteredEventListener> >, 1ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>) + 760
37 WebCore                        0x18b444798 WebCore::EventTarget::fireEventListeners(WebCore::Event&) + 596
38 WebCore                        0x18b4488cc WebCore::EventTarget::dispatchEvent(WebCore::Event&) + 116
39 WebCore                        0x18b77f76c WebCore::DOMWindow::postMessageTimerFired(WebCore::PostMessageTimer&) + 164
40 WebCore                        0x18b7883e0 WebCore::PostMessageTimer::fired() + 108
41 WebCore                        0x18a7dfff0 WebCore::ThreadTimers::sharedTimerFiredInternal() + 352
42 WebCore                        0x18a7dfe7c WebCore::timerFired(__CFRunLoopTimer*, void*) + 28
43 CoreFoundation                 0x182667aa8 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 28
44 CoreFoundation                 0x18266776c __CFRunLoopDoTimer + 864
45 CoreFoundation                 0x182667010 __CFRunLoopDoTimers + 248
46 CoreFoundation                 0x182664b60 __CFRunLoopRun + 2168
47 CoreFoundation                 0x182584da8 CFRunLoopRunSpecific + 552
48 WebCore                        0x18a811dcc RunWebThread(void*) + 592
49 libsystem_pthread.dylib        0x1822e5220 _pthread_body + 272
50 libsystem_pthread.dylib        0x1822e5110 _pthread_body + 290
51 libsystem_pthread.dylib        0x1822e3b10 thread_start + 4

It worked fine before iOS 11.3.

We also tested on iOS 11.4 beta 2, but the crash still exists.

Any help will be highly appreciated!

Replies

Also filed bug report #39937000.

We have the same crash on iOS 11.3. We solved the problem as follows:

webView.mediaPlaybackRequiresUserAction = YES
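For readers who want to see where that one-line workaround sits in a real host view controller, here is an added example (not code from the thread or from any of its participants). It applies the setting before any content is loaded, keeps the `didFailLoadWithError:` delegate callback cheap (the crashing stack above runs through `dispatchDidFailLoading` on the WebThread), and tears the web view down explicitly, as Apple's UIWebView documentation requires, so media resources are released under the app's control rather than during a later JavaScriptCore sweep. The class name, the embed URL and the placeholder `VIDEO_ID` are assumptions for illustration.

```objectivec
// Added example, not from the thread. Minimal UIWebView host that applies the
// workaround posted above. UIWebView is the legacy API this thread is about.
#import <UIKit/UIKit.h>

@interface VideoWebViewController : UIViewController <UIWebViewDelegate>
@property (nonatomic, strong) UIWebView *webView;
@end

@implementation VideoWebViewController

- (void)viewDidLoad {
    [super viewDidLoad];
    self.webView = [[UIWebView alloc] initWithFrame:self.view.bounds];
    self.webView.autoresizingMask = UIViewAutoresizingFlexibleWidth | UIViewAutoresizingFlexibleHeight;
    self.webView.delegate = self;

    // Workaround from the thread: require a user gesture before media playback.
    // Apple documents YES as the default; it only takes effect for content loaded
    // after it is set, so set it before loading anything.
    self.webView.mediaPlaybackRequiresUserAction = YES;
    self.webView.allowsInlineMediaPlayback = YES;

    [self.view addSubview:self.webView];

    // Constructed placeholder embed page; replace VIDEO_ID and the host with the real player URL.
    NSString *html = @"<!DOCTYPE html><html><body style=\"margin:0\">"
                      "<iframe src=\"https://example.com/embed/VIDEO_ID\" width=\"100%\" height=\"300\" "
                      "frameborder=\"0\" allowfullscreen></iframe></body></html>";
    [self.webView loadHTMLString:html baseURL:[NSURL URLWithString:@"https://example.com/"]];
}

// Failed loads (the unstable-network case from the question) arrive here. Keep the
// handler cheap: log and return, and do not start another load from inside it.
- (void)webView:(UIWebView *)webView didFailLoadWithError:(NSError *)error {
    NSLog(@"UIWebView load failed: %@ (code %ld)", error.localizedDescription, (long)error.code);
}

// Apple's UIWebView documentation requires clearing the delegate before the view is
// released; stopping the load first releases in-flight media resources deterministically.
- (void)dealloc {
    [_webView stopLoading];
    _webView.delegate = nil;
}

@end
```

Note that with `mediaPlaybackRequiresUserAction` set to YES the embedded player will not autoplay; the user has to tap to start playback, which is the behavioural cost of this workaround.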

Do you have the test project that can reproduce the crash? thanks very much.

It doesn't work, the crash still exists.