Bug 265403 - REGRESSION (270359@main): [ macOS wk1 ] ASSERTION FAILED: ownerDocument->loader() /Volumes/Data/worker/Apple-Sonoma-Debug-Build/build/Source/WebCore/bindings/js/ScriptController.cpp
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Chris Dumez
Keywords: InRadar
Reported: 2023-11-27 13:56 PST by Marta Darbinyan
Modified: 2023-11-27 15:14 PST

Description Marta Darbinyan 2023-11-27 13:56:01 PST
Description:
http/tests/security/xss-DENIED-synchronous-frame-load-in-javascript-url.html is constantly crashing on macOS Debug and timing out on macOS Release since 270359@main.

This issue can be bisected to 270359@main using the command: 
run-webkit-tests --release --iterations=1 http/tests/security/xss-DENIED-synchronous-frame-load-in-javascript-url.html 

History:
https://results.webkit.org/?suite=layout-tests&test=http%2Ftests%2Fsecurity%2Fxss-DENIED-synchronous-frame-load-in-javascript-url.html&flavor=wk1

Crash Log:
ASSERTION FAILED: ownerDocument->loader()
/Volumes/Data/worker/Apple-Sonoma-Debug-Build/build/Source/WebCore/bindings/js/ScriptController.cpp(861) : void WebCore::ScriptController::executeJavaScriptURL(const URL &, RefPtr<SecurityOrigin>, ShouldReplaceDocumentIfJavaScriptURL, bool &)
1   0x11927c948 WTFCrash
2   0x124e3d2f0 WebCore::BaseAudioContext::isGraphOwner() const
3   0x12544e3bc WebCore::ScriptController::executeJavaScriptURL(WTF::URL const&, WTF::RefPtr<WebCore::SecurityOrigin, WTF::RawPtrTraits<WebCore::SecurityOrigin>, WTF::DefaultRefDerefTraits<WebCore::SecurityOrigin>>, WebCore::ShouldReplaceDocumentIfJavaScriptURL, bool&)
4   0x126934434 WebCore::FrameLoader::executeJavaScriptURL(WTF::URL const&, WebCore::NavigationAction const&)
5   0x126932fac WebCore::FrameLoader::loadWithNavigationAction(WebCore::ResourceRequest const&, WebCore::NavigationAction&&, WebCore::FrameLoadType, WTF::RefPtr<WebCore::FormState, WTF::RawPtrTraits<WebCore::FormState>, WTF::DefaultRefDerefTraits<WebCore::FormState>>&&, WebCore::AllowNavigationToInvalidURL, WebCore::ShouldTreatAsContinuingLoad, WTF::CompletionHandler<void ()>&&)
6   0x12692efa8 WebCore::FrameLoader::loadURL(WebCore::FrameLoadRequest&&, WTF::String const&, WebCore::FrameLoadType, WebCore::Event*, WTF::RefPtr<WebCore::FormState, WTF::RawPtrTraits<WebCore::FormState>, WTF::DefaultRefDerefTraits<WebCore::FormState>>&&, std::__1::optional<WebCore::PrivateClickMeasurement>&&, WTF::CompletionHandler<void ()>&&)
7   0x126928dbc WebCore::FrameLoader::loadFrameRequest(WebCore::FrameLoadRequest&&, WebCore::Event*, WTF::RefPtr<WebCore::FormState, WTF::RawPtrTraits<WebCore::FormState>, WTF::DefaultRefDerefTraits<WebCore::FormState>>&&, std::__1::optional<WebCore::PrivateClickMeasurement>&&)
8   0x126928648 WebCore::FrameLoader::changeLocation(WebCore::FrameLoadRequest&&, WebCore::Event*, std::__1::optional<WebCore::PrivateClickMeasurement>&&)
9   0x126b7ec60 WebCore::LocalFrame::changeLocation(WebCore::FrameLoadRequest&&)
10  0x1269972f8 WebCore::ScheduledLocationChange::fire(WebCore::Frame&)
11  0x12698c804 WebCore::NavigationScheduler::timerFired()
12  0x12699d564 decltype(*std::declval<WebCore::NavigationScheduler*&>().*std::declval<void (WebCore::NavigationScheduler::*&)()>()()) std::__1::__invoke[abi:v160006]<void (WebCore::NavigationScheduler::*&)(), WebCore::NavigationScheduler*&, void>(void (WebCore::NavigationScheduler::*&)(), WebCore::NavigationScheduler*&)
13  0x12699d4e4 std::__1::__bind_return<void (WebCore::NavigationScheduler::*)(), std::__1::tuple<WebCore::NavigationScheduler*>, std::__1::tuple<>, __is_valid_bind_return<void (WebCore::NavigationScheduler::*)(), std::__1::tuple<WebCore::NavigationScheduler*>, std::__1::tuple<>>::value>::type std::__1::__apply_functor[abi:v160006]<void (WebCore::NavigationScheduler::*)(), std::__1::tuple<WebCore::NavigationScheduler*>, 0ul, std::__1::tuple<>>(void (WebCore::NavigationScheduler::*&)(), std::__1::tuple<WebCore::NavigationScheduler*>&, std::__1::__tuple_indices<0ul>, std::__1::tuple<>&&)
14  0x12699d49c std::__1::__bind_return<void (WebCore::NavigationScheduler::*)(), std::__1::tuple<WebCore::NavigationScheduler*>, std::__1::tuple<>, __is_valid_bind_return<void (WebCore::NavigationScheduler::*)(), std::__1::tuple<WebCore::NavigationScheduler*>, std::__1::tuple<>>::value>::type std::__1::__bind<void (WebCore::NavigationScheduler::*&)(), WebCore::NavigationScheduler*>::operator()[abi:v160006]<>()
15  0x12699d440 WTF::Detail::CallableWrapper<std::__1::__bind<void (WebCore::NavigationScheduler::*&)(), WebCore::NavigationScheduler*>, void>::call()
16  0x1222c8b78 WTF::Function<void ()>::operator()() const
17  0x125373694 WebCore::Timer::fired()
18  0x126e761a8 WebCore::ThreadTimers::sharedTimerFiredInternal()
19  0x126e7e258 WebCore::ThreadTimers::setSharedTimer(WebCore::SharedTimer*)::$_0::operator()() const
20  0x126e7e204 WTF::Detail::CallableWrapper<WebCore::ThreadTimers::setSharedTimer(WebCore::SharedTimer*)::$_0, void>::call()
21  0x1222c8b78 WTF::Function<void ()>::operator()() const
22  0x126e26208 WebCore::MainThreadSharedTimer::fired()
23  0x126f09310 WebCore::timerFired(__CFRunLoopTimer*, void*)
24  0x19084dcd0 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__
25  0x19084d978 __CFRunLoopDoTimer
26  0x19084d4b0 __CFRunLoopDoTimers
27  0x1908309f4 __CFRunLoopRun
28  0x19082fc5c CFRunLoopRunSpecific
29  0x1042977e8 runTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&)
30  0x104296b68 runTestingServerLoop()
31  0x1042961d8 dumpRenderTree(int, char const**)


Link:
https://build.webkit.org/results/Apple-Sonoma-Debug-AppleSilicon-WK1-Tests/271143@main%20(719)/http/tests/security/xss-DENIED-synchronous-frame-load-in-javascript-url-sample.txt
Comment 1 Radar WebKit Bug Importer 2023-11-27 13:56:33 PST
<rdar://problem/118850236>
Comment 2 Chris Dumez 2023-11-27 15:10:16 PST
Pull request: https://github.com/WebKit/WebKit/pull/20959
Comment 3 EWS 2023-11-27 15:14:27 PST
Committed 271174@main (cbfb2e47625c): <https://commits.webkit.org/271174@main>

Reviewed commits have been landed. Closing PR #20959 and removing active labels.