Bug 107240

These are the outcomes from gdb and valgrind sessions: (gdb) bt #0 0x000000000337dc60 in ?? () #1 0x00007ffff2266973 in WebCore::doRedirect (handle=0x3a20bd0) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:485 #2 0x00007ffff2266a3e in WebCore::redirectCloseCallback (res=0x23c2ca0, data=0x3a20bd0) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:495 #3 0x00007fffec87e4f2 in async_ready_close_callback_wrapper (source_object=0x18de130, res=0x23c2ca0, user_data=0x3a20bd0) at ginputstream.c:543 #4 0x00007fffec8aa804 in g_task_return_now (task=0x23c2ca0) at gtask.c:1102 #5 0x00007fffec8aa902 in g_task_return (task=0x23c2ca0, type=G_TASK_RETURN_ERROR) at gtask.c:1155 #6 0x00007fffec8ab27f in g_task_return_error (task=0x23c2ca0, error=0x2182a40) at gtask.c:1622 #7 0x00007fffef520baf in close_async_ready (msg=0x23a6e30, user_data=0x23c2ca0) at soup-client-input-stream.c:163 #8 0x00007fffef53bac7 in message_source_dispatch (source=0x33afdc0, callback=0x7fffef520b05 <close_async_ready>, user_data=0x23c2ca0) at soup-message-io.c:720 #9 0x00007fffec0ae47f in g_main_dispatch (context=0x7382f0) at gmain.c:2784 #10 0x00007fffec0af02f in g_main_context_dispatch (context=0x7382f0) at gmain.c:3288 #11 0x00007fffec0af21f in g_main_context_iterate (context=0x7382f0, block=1, dispatch=1, self=0x771960) at gmain.c:3359 #12 0x00007fffec0af2e3 in g_main_context_iteration (context=0x7382f0, may_block=1) at gmain.c:3420 #13 0x00007fffec8d5039 in g_application_run (application=0x920000, argc=1, argv=0x7fffffffda18) at gapplication.c:1620 #14 0x0000000000434e51 in main (argc=1, argv=0x7fffffffda18) at ephy-main.c:478 --- ==13881== Invalid read of size 8 ==13881== at 0x79CE94A: WebCore::doRedirect(WebCore::ResourceHandle*) (ResourceHandleSoup.cpp:485) ==13881== by 0x79CEA3D: WebCore::redirectCloseCallback(_GObject*, _GAsyncResult*, void*) (ResourceHandleSoup.cpp:495) ==13881== by 0x100C74F1: async_ready_close_callback_wrapper (ginputstream.c:543) ==13881== by 0x100F3803: g_task_return_now (gtask.c:1102) ==13881== by 0x100F3901: g_task_return (gtask.c:1155) ==13881== by 0x100F427E: g_task_return_error (gtask.c:1622) ==13881== by 0xD4BBBAE: close_async_ready (soup-client-input-stream.c:163) ==13881== by 0xD4D6AC6: message_source_dispatch (soup-message-io.c:720) ==13881== by 0x108BC47E: g_main_dispatch (gmain.c:2784) ==13881== by 0x108BD02E: g_main_context_dispatch (gmain.c:3288) ==13881== by 0x108BD21E: g_main_context_iterate (gmain.c:3359) ==13881== by 0x108BD2E2: g_main_context_iteration (gmain.c:3420) ==13881== Address 0x23de1100 is 0 bytes inside a block of size 1,048 free'd ==13881== at 0x4C28F5C: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==13881== by 0xCAECE26: WTF::fastFree(void*) (FastMalloc.cpp:336) ==13881== by 0x707D8F4: WTF::RefCounted<WebCore::ResourceLoader>::operator delete(void*) (RefCounted.h:197) ==13881== by 0x70915B3: WebCore::SubresourceLoader::~SubresourceLoader() (SubresourceLoader.cpp:79) ==13881== by 0x6FD0A0F: WTF::RefCounted<WebCore::ResourceLoader>::deref() (RefCounted.h:202) ==13881== by 0x6FD0383: void WTF::derefIfNotNull<WebCore::ResourceLoader>(WebCore::ResourceLoader*) (PassRefPtr.h:53) ==13881== by 0x6FCFEC6: WTF::RefPtr<WebCore::ResourceLoader>::~RefPtr() (RefPtr.h:56) ==13881== by 0x7087C79: WebCore::ResourceLoader::cancel(WebCore::ResourceError const&) (ResourceLoader.cpp:411) ==13881== by 0x7079042: WebCore::MainResourceLoader::cancel(WebCore::ResourceError const&) (MainResourceLoader.cpp:134) ==13881== by 0x7078ED6: WebCore::MainResourceLoader::cancel() (MainResourceLoader.cpp:116) ==13881== by 0x7025D9D: WebCore::DocumentLoader::stopLoading() (DocumentLoader.cpp:257) ==13881== by 0x7042D2F: WebCore::FrameLoader::stopAllLoaders(WebCore::ClearProvisionalItemPolicy) (FrameLoader.cpp:1556)