script: when handling page headers, stop if pipeline closed already (#38739)

Previously, the script-thread would assert the pipeline was closed if no
pending load was found, but it did not check whether the pipeline was
closed before processing the page headers. Since incomplete loads are
removed only when page headers are processed, this means the page
headers were processed even if the pipeline had been closed before the
page headers were available. If the pipeline had been closed as part of
exiting the constellation, it was possible for the constellation to have
exited by the time the page headers became available(since the
script-thread closes a pipeline independently from ongoing navigation
fetches), which would produce a panic on trying to communicate with the
constellation to obtain the browsing context info.

Note: due to the nature of the problem, I cannot verify that this fixes
the crash test, although logically this appears to make sense, and a
couple of days of WPT runs should tell us more.

Testing: A crash test was added; unfortunately the crash was
intermittent.
Fixes: https://github.com/servo/servo/issues/36747

---------

Signed-off-by: gterzian <2792687+gterzian@users.noreply.github.com>

tests/wpt/mozilla/meta/MANIFEST.json

@@ -32,6 +32,13 @@
       {}
      ]
     ],
+    "form-navigate-loop-crash.html": [
+     "1068ccc38eed223cf83a4cbd8fed336b83c0b745",
+     [
+      null,
+      {}
+     ]
+    ],
     "form_reset-crash.html": [
      "b23cbf6aefdef8231e2cc4cb0e6416195d5bdf71",
      [

tests/wpt/mozilla/tests/mozilla/form-navigate-loop-crash.html

@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<script>
+  window.addEventListener("load", _ => {
+    form.submit();
+    window.frames.stop();
+    iframe.src = "data:text/html,";
+  });
+</script>
+<form id="form">
+<iframe id="iframe"></iframe>