305150 2026-01-08 14:30:00 -0800 REGRESSION(302499@main): Hitting asserts in http/tests/security/contentSecurityPolicy* on WebKitLegacy 2026-01-08 17:25:10 -0800 1 1 1 Unclassified WebKit New Bugs WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 301793 1 jbedard jbedard webkit-bug-importer oldest_to_newest 2170428 0 jbedard 2026-01-08 14:30:00 -0800 We're hitting asserts on the following tests in WebKitLegacy: http/tests/security/contentSecurityPolicy/report-cross-origin-no-cookies-when-private-browsing-toggled.py http/tests/security/contentSecurityPolicy/report-same-origin-no-cookies-when-private-browsing-toggled.py http/tests/security/private-browsing-http-auth.html History: https://results.webkit.org/?suite=layout-tests&suite=layout-tests&suite=layout-tests&test=http%2Ftests%2Fsecurity%2FcontentSecurityPolicy%2Freport-cross-origin-no-cookies-when-private-browsing-toggled.py&test=http%2Ftests%2Fsecurity%2FcontentSecurityPolicy%2Freport-same-origin-no-cookies-when-private-browsing-toggled.py&test=http%2Ftests%2Fsecurity%2Fprivate-browsing-http-auth.html CI build: https://build.webkit.org/#/builders/1694/builds/750 Log: 1 0x17ab96dae WTF::RefPtr<WebCore::SQLTransaction, WTF::RawPtrTraits<WebCore::SQLTransaction>, WTF::DefaultRefDerefTraits<WebCore::SQLTransaction>>::releaseNonNull() 2 0x17ab92bd9 WebCore::SQLTransactionBackend::frontend() 3 0x17ab92aef WebCore::SQLTransactionBackend::~SQLTransactionBackend() 4 0x17ab8db05 WebCore::SQLTransactionBackend::~SQLTransactionBackend() 5 0x17ab8da3e WebCore::SQLTransaction::~SQLTransaction() 6 0x17ab8dbf5 WebCore::SQLTransaction::~SQLTransaction() 7 0x17ab8dc19 WebCore::SQLTransaction::~SQLTransaction() 8 0x178d5fabf void WTF::ThreadSafeWeakPtrControlBlock::strongDeref<WebCore::SQLTransaction, (WTF::DestructionThread)0>() const::'lambda'()::operator()() const 9 0x178d5f980 void WTF::ThreadSafeWeakPtrControlBlock::strongDeref<WebCore::SQLTransaction, (WTF::DestructionThread)0>() const 10 0x178d5f7d6 WTF::ThreadSafeRefCountedAndCanMakeThreadSafeWeakPtr<WebCore::SQLTransaction, (WTF::DestructionThread)0>::deref() const 11 0x178d5f6a0 WTF::DefaultRefDerefTraits<WebCore::SQLTransaction>::derefIfNotNull(WebCore::SQLTransaction*) 12 0x178d5f645 WTF::Ref<WebCore::SQLTransaction, WTF::RawPtrTraits<WebCore::SQLTransaction>, WTF::DefaultRefDerefTraits<WebCore::SQLTransaction>>::~Ref() 13 0x178ca9515 WTF::Ref<WebCore::SQLTransaction, WTF::RawPtrTraits<WebCore::SQLTransaction>, WTF::DefaultRefDerefTraits<WebCore::SQLTransaction>>::~Ref() 14 0x17ab404ca WebCore::Database::performClose() 15 0x17ab4b53d WebCore::DatabaseThread::databaseThread() 16 0x17ab70059 WebCore::DatabaseThread::start()::$_0::operator()() const 17 0x17ab6fe69 WTF::Detail::CallableWrapper<WebCore::DatabaseThread::start()::$_0, void>::call() 18 0x125d5091a WTF::Function<void ()>::operator()() const 19 0x125fb6146 WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) 20 0x125fc3fc5 WTF::wtfThreadEntryPoint(void*) 21 0x7ff804760e4d _pthread_start 22 0x7ff80475c857 thread_start Reproduction: run-webkit-tests --no-build --no-retry --no-show-results --exit-after-n-failures=1 --expect-pass --iterations=30 --force -1 --debug http/tests/security/private-browsing-http-auth.html Bisected to 302499@main, it is certainly the caused-by. 2170429 1 webkit-bug-importer 2026-01-08 14:30:13 -0800 <rdar://problem/167797804> 2170431 2 rniwa 2026-01-08 14:37:48 -0800 The assertion is catching a legitimate memory safety issue. 2170432 3 rniwa 2026-01-08 14:46:54 -0800 Pull request: https://github.com/WebKit/WebKit/pull/56287 2170438 4 jbedard 2026-01-08 15:16:12 -0800 Pull request: https://github.com/WebKit/WebKit/pull/56290 2170491 5 ews-feeder 2026-01-08 17:25:08 -0800 Committed 305322@main (682d2e4ee552): <https://commits.webkit.org/305322@main> Reviewed commits have been landed. Closing PR #56287 and removing active labels.