Originally discovered in https://bugs.webkit.org/attachment.cgi?id=337300. Both of the following tests fail when running `Tools/Scripts/run-webkit-tests` with the --debug flag. There is no crash when using a release build of webkit. imported/w3c/web-platform-tests/fetch/api/redirect/redirect-method-worker.html imported/w3c/web-platform-tests/fetch/api/redirect/redirect-method.html The crashes started happening when the `redirect-method` test was updated in this changeset https://trac.webkit.org/changeset/230330/webkit#file102 to import the latest code form the upstream web-platform-test repo.
Created attachment 337675 [details] Crash log
ASSERTION FAILED: formData ./platform/network/cocoa/ResourceRequestCocoa.mm(126) : void WebCore::ResourceRequest::doUpdateResourceHTTPBody() 1 0x1078343fd WTFCrash 2 0x1141d7597 WebCore::ResourceRequest::doUpdateResourceHTTPBody() 3 0x11624e86a WebCore::ResourceRequestBase::updateResourceRequest(WebCore::HTTPBodyUpdatePolicy) const 4 0x11624f75e WebCore::ResourceRequestBase::httpBody() const 5 0x116260b1f WebCore::ResourceRequest::updateFromDelegatePreservingOldProperties(WebCore::ResourceRequest const&) 6 0x10c3170d1 WebFrameLoaderClient::dispatchWillSendRequest(WebCore::DocumentLoader*, unsigned long, WebCore::ResourceRequest&, WebCore::ResourceResponse const&) 7 0x115bc8f90 WebCore::ResourceLoadNotifier::dispatchWillSendRequest(WebCore::DocumentLoader*, unsigned long, WebCore::ResourceRequest&, WebCore::ResourceResponse const&) 8 0x115bc8eb2 WebCore::ResourceLoadNotifier::willSendRequest(WebCore::ResourceLoader*, WebCore::ResourceRequest&, WebCore::ResourceResponse const&) 9 0x115bd009a WebCore::ResourceLoader::willSendRequestInternal(WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&) 10 0x115be5691 WebCore::SubresourceLoader::willSendRequestInternal(WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&)::$_0::operator()(WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&, WebCore::ResourceRequest&&) 11 0x115bf5cc4 WebCore::SubresourceLoader::willSendRequestInternal(WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&)::$_3::operator()(WebCore::ResourceRequest&&) 12 0x115bf5bd4 WTF::Function<void (WebCore::ResourceRequest&&)>::CallableWrapper<WebCore::SubresourceLoader::willSendRequestInternal(WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&)::$_3>::call(WebCore::ResourceRequest&&) 13 0x1142533ae WTF::Function<void (WebCore::ResourceRequest&&)>::operator()(WebCore::ResourceRequest&&) const 14 0x1142532b9 WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>::operator()(WebCore::ResourceRequest&&) const 15 0x115c4ae1b WebCore::CachedResource::redirectReceived(WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&) 16 0x115c692bc WebCore::CachedRawResource::redirectReceived(WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&)::$_1::operator()(WebCore::ResourceRequest&&) 17 0x115c69194 WTF::Function<void (WebCore::ResourceRequest&&)>::CallableWrapper<WebCore::CachedRawResource::redirectReceived(WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&)::$_1>::call(WebCore::ResourceRequest&&) 18 0x1142533ae WTF::Function<void (WebCore::ResourceRequest&&)>::operator()(WebCore::ResourceRequest&&) const 19 0x1142532b9 WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>::operator()(WebCore::ResourceRequest&&) const 20 0x115c4af2b WebCore::iterateClients(WebCore::CachedResourceClientWalker<WebCore::CachedRawResourceClient>&&, WebCore::CachedResourceHandle<WebCore::CachedRawResource>&&, WebCore::ResourceRequest&&, std::__1::unique_ptr<WebCore::ResourceResponse, std::__1::default_delete<WebCore::ResourceResponse> >&&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&) 21 0x115c5eb21 WebCore::iterateClients(WebCore::CachedResourceClientWalker<WebCore::CachedRawResourceClient>&&, WebCore::CachedResourceHandle<WebCore::CachedRawResource>&&, WebCore::ResourceRequest&&, std::__1::unique_ptr<WebCore::ResourceResponse, std::__1::default_delete<WebCore::ResourceResponse> >&&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&)::$_5::operator()(WebCore::ResourceRequest&&) 22 0x115c5e854 WTF::Function<void (WebCore::ResourceRequest&&)>::CallableWrapper<WebCore::iterateClients(WebCore::CachedResourceClientWalker<WebCore::CachedRawResourceClient>&&, WebCore::CachedResourceHandle<WebCore::CachedRawResource>&&, WebCore::ResourceRequest&&, std::__1::unique_ptr<WebCore::ResourceResponse, std::__1::default_delete<WebCore::ResourceResponse> >&&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&)::$_5>::call(WebCore::ResourceRequest&&) 23 0x1142533ae WTF::Function<void (WebCore::ResourceRequest&&)>::operator()(WebCore::ResourceRequest&&) const 24 0x1142532b9 WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>::operator()(WebCore::ResourceRequest&&) const 25 0x115b2f9a3 WebCore::DocumentThreadableLoader::redirectReceived(WebCore::CachedResource&, WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&) 26 0x115c4b1ed WebCore::iterateClients(WebCore::CachedResourceClientWalker<WebCore::CachedRawResourceClient>&&, WebCore::CachedResourceHandle<WebCore::CachedRawResource>&&, WebCore::ResourceRequest&&, std::__1::unique_ptr<WebCore::ResourceResponse, std::__1::default_delete<WebCore::ResourceResponse> >&&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&) 27 0x115c4ac19 WebCore::CachedRawResource::redirectReceived(WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&) 28 0x115be4af4 WebCore::SubresourceLoader::willSendRequestInternal(WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&) 29 0x115bd11d7 WebCore::ResourceLoader::willSendRequestAsync(WebCore::ResourceHandle*, WebCore::ResourceRequest&&, WebCore::ResourceResponse&&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&) 30 0x114242fda WebCore::ResourceHandle::willSendRequest(WebCore::ResourceRequest&&, WebCore::ResourceResponse&&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&) 31 0x114256e96 -[WebCoreResourceHandleAsOperationQueueDelegate connection:willSendRequest:redirectResponse:]::$_1::operator()()
This is a pretty bad logic error. Making delegate calls after creating a stream is wrong. // There is no FormData object if a client provided a custom data stream. // We shouldn't be looking at http body after client callbacks. ASSERT(formData); if (formData) m_httpBody = formData;
<rdar://problem/39384515>
Skipped the following tests on LayoutTests/platform/Mac/TestExpectations as a result of this issue. fetch/api/redirect/redirect-method.html [ Skip ] fetch/api/redirect/redirect-method-worker.html [ Skip ]
Created attachment 341773 [details] Skip crashing tests
Comment on attachment 341773 [details] Skip crashing tests Clearing flags on attachment: 341773 Committed r232428: <https://trac.webkit.org/changeset/232428>
The tests that hit this crash were removed as part of https://trac.webkit.org/changeset/239693/webkit
*** This bug has been marked as a duplicate of bug 159724 ***