Bug 33422

Summary: [GTK] Crash in WTF::fastMalloc when entering a website
Product: WebKit
Component: WebCore Misc.
Reporter: Sebastian Dröge (slomo) <slomo>
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE
Severity: Normal
Priority: P2
CC: gns
Version: 528+ (Nightly build)
Hardware: PC
OS: OS X 10.5

Description Sebastian Dröge (slomo) 2010-01-09 08:14:11 PST
Hi,
webkit/gtk GIT as of yesterday crashes when entering some website. Backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff512d111 in WTF::TCMalloc_Central_FreeList::FetchFromSpans() ()
   from /usr/local/lib/libwebkit-1.0.so.2
(gdb) bt
#0  0x00007ffff512d111 in WTF::TCMalloc_Central_FreeList::FetchFromSpans() ()
   from /usr/local/lib/libwebkit-1.0.so.2
#1  0x00007ffff5130b7f in WTF::TCMalloc_Central_FreeList::RemoveRange(void**, void**, int*) () from /usr/local/lib/libwebkit-1.0.so.2
#2  0x00007ffff5132151 in WTF::fastMalloc(unsigned long) ()
   from /usr/local/lib/libwebkit-1.0.so.2
#3  0x00007ffff4c5d1cc in WebCore::StringImpl::createUninitialized(unsigned int, unsigned short*&) () from /usr/local/lib/libwebkit-1.0.so.2
#4  0x00007ffff4c5d825 in WebCore::StringImpl::create(unsigned short const*, unsigned int) () from /usr/local/lib/libwebkit-1.0.so.2
#5  0x00007ffff4c54957 in std::pair<WTF::HashTableIteratorAdapter<WTF::HashTable<WebCore::StringImpl*, WebCore::StringImpl*, WTF::IdentityExtractor<WebCore::StringImpl*>, WebCore::StringHash, WTF::HashTraits<WebCore::StringImpl*>, WTF::HashTraits<WebCore::StringImpl*> >, WebCore::StringImpl*>, bool> WTF::HashSet<WebCore::StringImpl*, WebCore::StringHash, WTF::HashTraits<WebCore::StringImpl*> >::add<WebCore::UCharBuffer, WebCore::UCharBufferTranslator>(WebCore::UCharBuffer const&) () from /usr/local/lib/libwebkit-1.0.so.2
#6  0x00007ffff4c5370d in WebCore::AtomicString::add(unsigned short const*, int) () from /usr/local/lib/libwebkit-1.0.so.2
#7  0x00007ffff4fc20d6 in WebCore::CSSParserString::operator WebCore::AtomicString() const () from /usr/local/lib/libwebkit-1.0.so.2
#8  0x00007ffff4fbfbe2 in cssyyparse(void*) ()
   from /usr/local/lib/libwebkit-1.0.so.2
#9  0x00007ffff496aeea in WebCore::CSSParser::parseSheet(WebCore::CSSStyleSheet*, WebCore::String const&) () from /usr/local/lib/libwebkit-1.0.so.2
#10 0x00007ffff49af588 in WebCore::CSSStyleSheet::parseString(WebCore::String const&, bool) () from /usr/local/lib/libwebkit-1.0.so.2
#11 0x00007ffff4aee391 in WebCore::HTMLLinkElement::setCSSStyleSheet(WebCore::String const&, WebCore::String const&, WebCore::CachedCSSStyleSheet const*) ()
   from /usr/local/lib/libwebkit-1.0.so.2
#12 0x00007ffff4b4e299 in WebCore::CachedCSSStyleSheet::checkNotify() ()
   from /usr/local/lib/libwebkit-1.0.so.2
#13 0x00007ffff4b4ebc8 in WebCore::CachedCSSStyleSheet::data(WTF::PassRefPtr<WebCore::SharedBuffer>, bool) () from /usr/local/lib/libwebkit-1.0.so.2
#14 0x00007ffff4baa4b4 in WebCore::Loader::Host::didFinishLoading(WebCore::SubresourceLoader*) () from /usr/local/lib/libwebkit-1.0.so.2
#15 0x00007ffff4b998d6 in WebCore::SubresourceLoader::didFinishLoading() ()
   from /usr/local/lib/libwebkit-1.0.so.2
#16 0x00007ffff4f8d246 in WebCore::finishedCallback(_SoupSession*, _SoupMessage*, void*) () from /usr/local/lib/libwebkit-1.0.so.2
#17 0x00007ffff3acbdcd in final_finished (req=0x10af540, 
    user_data=<value optimized out>) at soup-session-async.c:384
#18 0x00007ffff1e6c7ce in IA__g_closure_invoke (closure=0xe78720, 
    return_value=0x0, n_param_values=1, param_values=0x1044da0, 
    invocation_hint=0x7fffffffc800)
    at /build/buildd/glib2.0-2.23.1/gobject/gclosure.c:767
#19 0x00007ffff1e81d6c in signal_emit_unlocked_R (node=0xd35ad0, 
    detail=<value optimized out>, instance=<value optimized out>, 
    emission_return=<value optimized out>, 
    instance_and_params=<value optimized out>)
    at /build/buildd/glib2.0-2.23.1/gobject/gsignal.c:3317
#20 0x00007ffff1e82bbe in IA__g_signal_emit_valist (instance=0x10af540, 
    signal_id=<value optimized out>, detail=0, var_args=0x7fffffffc9f0)
    at /build/buildd/glib2.0-2.23.1/gobject/gsignal.c:2980
#21 0x00007ffff1e83453 in IA__g_signal_emit (instance=0x7ffff59b75e0, 
    signal_id=0, detail=3788511328)
    at /build/buildd/glib2.0-2.23.1/gobject/gsignal.c:3037
#22 0x00007ffff3ac1f5f in soup_message_io_finished (msg=0x10af540)
    at soup-message-io.c:177
#23 0x00007ffff1e6c7ce in IA__g_closure_invoke (closure=0x1080990, 
    return_value=0x0, n_param_values=1, param_values=0x1067580, 
    invocation_hint=0x7fffffffcc20)
    at /build/buildd/glib2.0-2.23.1/gobject/gclosure.c:767
#24 0x00007ffff1e81776 in signal_emit_unlocked_R (node=0xe88b30, 
    detail=<value optimized out>, instance=<value optimized out>, 
    emission_return=<value optimized out>, 
    instance_and_params=<value optimized out>)
    at /build/buildd/glib2.0-2.23.1/gobject/gsignal.c:3247
#25 0x00007ffff1e82bbe in IA__g_signal_emit_valist (instance=0x1081da0, 
    signal_id=<value optimized out>, detail=0, var_args=0x7fffffffce10)
    at /build/buildd/glib2.0-2.23.1/gobject/gsignal.c:2980
#26 0x00007ffff1e83453 in IA__g_signal_emit (instance=0x7ffff59b75e0, 
    signal_id=0, detail=3788511328)
    at /build/buildd/glib2.0-2.23.1/gobject/gsignal.c:3037
#27 0x00007ffff3acde41 in socket_read_watch (chan=<value optimized out>, 
    cond=0, user_data=<value optimized out>) at soup-socket.c:1196
#28 0x00007ffff13bda7e in g_main_dispatch (context=0x71b6f0)
    at /build/buildd/glib2.0-2.23.1/glib/gmain.c:1960
#29 IA__g_main_context_dispatch (context=0x71b6f0)
    at /build/buildd/glib2.0-2.23.1/glib/gmain.c:2513
#30 0x00007ffff13c1438 in g_main_context_iterate (context=0x71b6f0, 
    block=<value optimized out>, dispatch=<value optimized out>, 
    self=<value optimized out>)
    at /build/buildd/glib2.0-2.23.1/glib/gmain.c:2591
#31 0x00007ffff13c1895 in IA__g_main_loop_run (loop=0x7a4f80)
    at /build/buildd/glib2.0-2.23.1/glib/gmain.c:2799
#32 0x00007ffff3e3b627 in IA__gtk_main () at /gtk+2.0-2.19.2/gtk/gtkmain.c:1219
#33 0x0000000000435cef in main (argc=1, argv=0x7fffffffe2c8) at ephy-main.c:778

Comment 1 Sebastian Dröge (slomo) 2010-01-19 02:54:01 PST

*** This bug has been marked as a duplicate of bug 32900 ***