It happens because ResourceHandle::continueWillSendRequest() is called with a null request. Mac doesn't crash, I guess because they correctly handle the case of a null request. We could handle that in Soup, of course, but the thing is that the behaviour is not the same for async loads, or when loading with in the web process. In WebResourceLoader::willSendRequest(), ResourceRequest::willSendRequest is called, that cancels the load if the client returns a null request. In this case, the Resource Loader is detached and WebResourceLoader::willSendRequest() returns early without sending the ContinueWillSendRequest message to the network process. However, for synchronous loads, NetworkResourceLoader::continueWillSendRequest() is always called.
Created attachment 241583 [details]
Note that this makes the test pass because the network process doesn't crash anymore, but the behaviour is still different than the web process or for async loads when running this partiuclar test. When using the web process or async loads, the fallback resource is actually loaded, the load is not cancelled. We are cancelling the load for sync requests because protocol and host of the redirected url don't match, I don't know why we do that, though I guess we need to fix the FIXME there.
Committed r176154: <http://trac.webkit.org/changeset/176154>