Created attachment 314862 [details]
Reproduced in MacOS 10.12.5 with Safari 10.1.1 (12603.2.4) as well as WebKit Nightly 10.1.1 (12603.2.4, r219255).
A friend attempted to reproduce the failure case with OS X 10.10.4 and Safari 8.0.7 (10600.7.12), and did not observe the problematic behavior.
Selecting any given amount of arbitrary text and right-clicking it does not crash the webpage process.
When selecting and then right-clicking text of the following format, the webpage process crashes:
1. The text has the appearance of a URL (scheme://host at a minimum). The scheme need not be an actual recognized scheme.
2. The host and/or authority component of the supposed URL contain one of a range of characters. All known reproduction cases involve characters that are IDNA disallowed. For example, Ⴀ or …. Any of these characters in the scheme, port, or path of the URL do not cause a crash.
This is easiest to reproduce when the text in question the user-visible text of an <a> tag, since right-clicking a link selects the text. Thus, an HTML file with minimal reproduction cases is included. However, it can be reproduced by simply selecting plain text, and then right-clicking. Demonstration:
Crash log to be attached after submission. Looking at it, it appears as though upon right-clicking any selected text, a check is made to determine if it's a navigable URL, and the error occurs in this process.
Created attachment 314863 [details]
Web process crash log
Case that led to this submission:
See the documentation link URL in the repository subtitle - it's terminated with an ellipsis as it's too long for the space given, although the actual <a> tag points to the full URL.
Created attachment 324623 [details]
*** Bug 178696 has been marked as a duplicate of this bug. ***