Bug 304922

ASSERTION FAILED: heap.vm().currentThreadIsHoldingAPILock() under WebCore::processValueWithDefaultPolicy for imported/w3c/web-platform-tests/trusted-types/navigate-to-javascript-url-002.html History: https://results.webkit.org/?suite=layout-tests&test=imported%2Fw3c%2Fweb-platform-tests%2Ftrusted-types%2Fnavigate-to-javascript-url-002.html https://build.webkit.org/results/Apple-Sequoia-Debug-AppleSilicon-WK2-Tests/304936@main%20(2988)/imported/w3c/web-platform-tests/trusted-types/navigate-to-javascript-url-002-crash-log.txt stderr: ASSERTION FAILED: heap.vm().currentThreadIsHoldingAPILock() ./heap/LocalAllocator.cpp(116) : void *JSC::LocalAllocator::allocateSlowCase(JSC::Heap &, size_t, GCDeferralContext *, AllocationFailureMode) 1 0x109931028 JSC::LocalAllocator::allocateSlowCase(JSC::Heap&, unsigned long, JSC::GCDeferralContext*, JSC::AllocationFailureMode) 2 0x34bdcfc54 JSC::LocalAllocator::allocate(JSC::Heap&, unsigned long, JSC::GCDeferralContext*, JSC::AllocationFailureMode)::'lambda'()::operator()() const 3 0x34bdcfb1c JSC::HeapCell* JSC::FreeList::allocateWithCellSize<JSC::LocalAllocator::allocate(JSC::Heap&, unsigned long, JSC::GCDeferralContext*, JSC::AllocationFailureMode)::'lambda'()>(JSC::LocalAllocator::allocate(JSC::Heap&, unsigned long, JSC::GCDeferralContext*, JSC::AllocationFailureMode)::'lambda'() const&, unsigned long) 4 0x34bdcfa50 JSC::LocalAllocator::allocate(JSC::Heap&, unsigned long, JSC::GCDeferralContext*, JSC::AllocationFailureMode) 5 0x34c018d90 JSC::GCClient::IsoSubspace::allocate(JSC::VM&, unsigned long, JSC::GCDeferralContext*, JSC::AllocationFailureMode) 6 0x34c02c4f0 void* JSC::tryAllocateCellHelper<JSC::JSString, (JSC::AllocationFailureMode)0>(JSC::VM&, unsigned long, JSC::GCDeferralContext*) 7 0x34c02c11c void* JSC::allocateCell<JSC::JSString>(JSC::VM&, unsigned long) 8 0x34c02be30 JSC::JSString::create(JSC::VM&, WTF::Ref<WTF::StringImpl, WTF::RawPtrTraits<WTF::StringImpl>, WTF::DefaultRefDerefTraits<WTF::StringImpl>>&&) 9 0x34d22e2d8 JSC::jsString(JSC::VM&, WTF::String const&) 10 0x35141c8d4 WebCore::processValueWithDefaultPolicy(WebCore::ScriptExecutionContext&, WebCore::TrustedType, WTF::String const&, WTF::String const&) 11 0x35141e384 WebCore::requireTrustedTypesForPreNavigationCheckPasses(WebCore::ScriptExecutionContext&, WTF::String const&) 12 0x3502de35c WebCore::ScriptController::executeJavaScriptURL(WTF::URL const&, WebCore::NavigationAction const&, bool&) 13 0x3520a2fa4 WebCore::FrameLoader::executeJavaScriptURL(WTF::URL const&, WebCore::NavigationAction const&) 14 0x3520a1874 WebCore::FrameLoader::loadWithNavigationAction(WebCore::ResourceRequest&&, WebCore::NavigationAction&&, WebCore::FrameLoadType, WTF::RefPtr<WebCore::FormSubmission const, WTF::RawPtrTraits<WebCore::FormSubmission const>, WTF::DefaultRefDerefTraits<WebCore::FormSubmission const>>&&, WebCore::AllowNavigationToInvalidURL, WebCore::ShouldTreatAsContinuingLoad, WTF::CompletionHandler<void ()>&&) 15 0x35209c93c WebCore::FrameLoader::loadURL(WebCore::FrameLoadRequest&&, WTF::String const&, WebCore::FrameLoadType, WebCore::Event*, WTF::RefPtr<WebCore::FormSubmission const, WTF::RawPtrTraits<WebCore::FormSubmission const>, WTF::DefaultRefDerefTraits<WebCore::FormSubmission const>>&&, std::__1::optional<WebCore::PrivateClickMeasurement>&&, WTF::CompletionHandler<void ()>&&) 16 0x3520a0150 WebCore::FrameLoader::loadFrameRequest(WebCore::FrameLoadRequest&&, WebCore::Event*, WTF::RefPtr<WebCore::FormSubmission const, WTF::RawPtrTraits<WebCore::FormSubmission const>, WTF::DefaultRefDerefTraits<WebCore::FormSubmission const>>&&, std::__1::optional<WebCore::PrivateClickMeasurement>&&)::$_1::operator()(WTF::Ref<WebCore::LocalFrame, WTF::RawPtrTraits<WebCore::LocalFrame>, WTF::DefaultRefDerefTraits<WebCore::LocalFrame>>&&, WebCore::FrameLoadRequest&&, WTF::RefPtr<WebCore::FormSubmission const, WTF::RawPtrTraits<WebCore::FormSubmission const>, WTF::DefaultRefDerefTraits<WebCore::FormSubmission const>>&&, std::__1::optional<WebCore::PrivateClickMeasurement>&&, WTF::CompletionHandler<void ()>&&) 17 0x352096720 WebCore::FrameLoader::loadFrameRequest(WebCore::FrameLoadRequest&&, WebCore::Event*, WTF::RefPtr<WebCore::FormSubmission const, WTF::RawPtrTraits<WebCore::FormSubmission const>, WTF::DefaultRefDerefTraits<WebCore::FormSubmission const>>&&, std::__1::optional<WebCore::PrivateClickMeasurement>&&) 18 0x352095ad8 WebCore::FrameLoader::changeLocation(WebCore::FrameLoadRequest&&, WebCore::Event*, std::__1::optional<WebCore::PrivateClickMeasurement>&&) 19 0x352416014 WebCore::LocalFrame::changeLocation(WebCore::FrameLoadRequest&&) 20 0x35216a504 WebCore::ScheduledLocationChange::fire(WebCore::Frame&) 21 0x35215ab44 WebCore::NavigationScheduler::timerFired() 22 0x352177834 WebCore::Timer::Timer<WebCore::NavigationScheduler, WebCore::NavigationScheduler>(WebCore::NavigationScheduler&, void (WebCore::NavigationScheduler::*)())::'lambda'()::operator()() const 23 0x35217768c WTF::Detail::CallableWrapper<WebCore::Timer::Timer<WebCore::NavigationScheduler, WebCore::NavigationScheduler>(WebCore::NavigationScheduler&, void (WebCore::NavigationScheduler::*)())::'lambda'(), void>::call() 24 0x34b7d3b5c WTF::Function<void ()>::operator()() const 25 0x34b92e9a4 WebCore::Timer::fired() 26 0x352887f70 WebCore::ThreadTimers::sharedTimerFiredInternal() 27 0x352893c44 WebCore::ThreadTimers::setSharedTimer(WebCore::SharedTimer*)::$_0::operator()() const 28 0x352893bf0 WTF::Detail::CallableWrapper<WebCore::ThreadTimers::setSharedTimer(WebCore::SharedTimer*)::$_0, void>::call() 29 0x34b7d3b5c WTF::Function<void ()>::operator()() const 30 0x352819e8c WebCore::MainThreadSharedTimer::fired() 31 0x3529a3d9c WebCore::timerFired(__CFRunLoopTimer*, void*) com.apple.WebKit.WebContent.Development terminated (pid 98889) for reason: crash