e.g.
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.WebCore 0x00007fff4a6790ed WebCore::InlineTextBox::selectionState() + 509
1 com.apple.WebCore 0x00007fff4a677329 WebCore::InlineTextBox::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::LayoutUnit, WebCore::LayoutUnit) + 425
2 com.apple.WebCore 0x00007fff4a6768f0 WebCore::InlineFlowBox::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::LayoutUnit, WebCore::LayoutUnit) + 1040
3 com.apple.WebCore 0x00007fff4a676472 WebCore::RootInlineBox::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::LayoutUnit, WebCore::LayoutUnit) + 34
4 com.apple.WebCore 0x00007fff4a653e65 WebCore::RenderLineBoxList::paint(WebCore::RenderBoxModelObject*, WebCore::PaintInfo&, WebCore::LayoutPoint const&) const + 853
5 com.apple.WebCore 0x00007fff4a650725 WebCore::RenderBlock::paintObject(WebCore::PaintInfo&, WebCore::LayoutPoint const&) + 549
6 com.apple.WebCore 0x00007fff4a652985 WebCore::RenderBlock::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&) + 245
7 com.apple.WebCore 0x00007fff4ba09b72 WebCore::RenderBlock::paintChild(WebCore::RenderBox&, WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::PaintInfo&, bool, WebCore::RenderBlock::PaintBlockType) + 642
8 com.apple.WebCore 0x00007fff4a6510ff WebCore::RenderBlock::paintChildren(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::PaintInfo&, bool) + 95
9 com.apple.WebCore 0x00007fff4a650748 WebCore::RenderBlock::paintObject(WebCore::PaintInfo&, WebCore::LayoutPoint const&) + 584
10 com.apple.WebCore 0x00007fff4a652985 WebCore::RenderBlock::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&) + 245
11 com.apple.WebCore 0x00007fff4ba655c9 WebCore::RenderElement::paintAsInlineBlock(WebCore::PaintInfo&, WebCore::LayoutPoint const&) + 185
12 com.apple.WebCore 0x00007fff4b9fa515 WebCore::InlineElementBox::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::LayoutUnit, WebCore::LayoutUnit) + 117
13 com.apple.WebCore 0x00007fff4a6768f0 WebCore::InlineFlowBox::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::LayoutUnit, WebCore::LayoutUnit) + 1040
14 com.apple.WebCore 0x00007fff4a676472 WebCore::RootInlineBox::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::LayoutUnit, WebCore::LayoutUnit) + 34
15 com.apple.WebCore 0x00007fff4a653e65 WebCore::RenderLineBoxList::paint(WebCore::RenderBoxModelObject*, WebCore::PaintInfo&, WebCore::LayoutPoint const&) const + 853
16 com.apple.WebCore 0x00007fff4a650725 WebCore::RenderBlock::paintObject(WebCore::PaintInfo&, WebCore::LayoutPoint const&) + 549
17 com.apple.WebCore 0x00007fff4a652985 WebCore::RenderBlock::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&) + 245
18 com.apple.WebCore 0x00007fff4ba09b72 WebCore::RenderBlock::paintChild(WebCore::RenderBox&, WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::PaintInfo&, bool, WebCore::RenderBlock::PaintBlockType) + 642
19 com.apple.WebCore 0x00007fff4a6510ff WebCore::RenderBlock::paintChildren(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::PaintInfo&, bool) + 95
20 com.apple.WebCore 0x00007fff4a650748 WebCore::RenderBlock::paintObject(WebCore::PaintInfo&, WebCore::LayoutPoint const&) + 584
21 com.apple.WebCore 0x00007fff4a652985 WebCore::RenderBlock::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&) + 245
22 com.apple.WebCore 0x00007fff4ba09b72 WebCore::RenderBlock::paintChild(WebCore::RenderBox&, WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::PaintInfo&, bool, WebCore::RenderBlock::PaintBlockType) + 642
23 com.apple.WebCore 0x00007fff4a6510ff WebCore::RenderBlock::paintChildren(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::PaintInfo&, bool) + 95
24 com.apple.WebCore 0x00007fff4a650748 WebCore::RenderBlock::paintObject(WebCore::PaintInfo&, WebCore::LayoutPoint const&) + 584
25 com.apple.WebCore 0x00007fff4a652985 WebCore::RenderBlock::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&) + 245
26 com.apple.WebCore 0x00007fff4ba09b72 WebCore::RenderBlock::paintChild(WebCore::RenderBox&, WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::PaintInfo&, bool, WebCore::RenderBlock::PaintBlockType) + 642
27 com.apple.WebCore 0x00007fff4a6510ff WebCore::RenderBlock::paintChildren(WebCore::PaintInfo&, WebCore::LayoutPoint const&, WebCore::PaintInfo&, bool) + 95
28 com.apple.WebCore 0x00007fff4a650748 WebCore::RenderBlock::paintObject(WebCore::PaintInfo&, WebCore::LayoutPoint const&) + 584
29 com.apple.WebCore 0x00007fff4a652985 WebCore::RenderBlock::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&) + 245
30 com.apple.WebCore 0x00007fff4baa8804 WebCore::RenderLayer::paintForegroundForFragmentsWithPhase(WebCore::PaintPhase, WTF::Vector<WebCore::LayerFragment, 1ul, WTF::CrashOnOverflow, 16ul> const&, WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::PaintBehavior>, WebCore::RenderObject*) + 404
31 com.apple.WebCore 0x00007fff4baa65d4 WebCore::RenderLayer::paintForegroundForFragments(WTF::Vector<WebCore::LayerFragment, 1ul, WTF::CrashOnOverflow, 16ul> const&, WebCore::GraphicsContext&, WebCore::GraphicsContext&, WebCore::LayoutRect const&, bool, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::PaintBehavior>, WebCore::RenderObject*) + 420
32 com.apple.WebCore 0x00007fff4baa3634 WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>) + 3268
33 com.apple.WebCore 0x00007fff4baa36e3 WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>) + 3443
34 com.apple.WebCore 0x00007fff4baa0e10 WebCore::RenderLayer::paint(WebCore::GraphicsContext&, WebCore::LayoutRect const&, WebCore::LayoutSize const&, WTF::OptionSet<WebCore::PaintBehavior>, WebCore::RenderObject*, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>, WebCore::RenderLayer::SecurityOriginPaintPolicy) + 272
35 com.apple.WebCore 0x00007fff4b7ecd88 WebCore::FrameView::paintContents(WebCore::GraphicsContext&, WebCore::IntRect const&, WebCore::Widget::SecurityOriginPaintPolicy) + 616
36 com.apple.WebCore 0x00007fff4b7e3a94 WebCore::FrameView::paintContentsForSnapshot(WebCore::GraphicsContext&, WebCore::IntRect const&, WebCore::FrameView::SelectionInSnapshot, WebCore::FrameView::CoordinateSpaceForSnapshot) + 244
37 com.apple.WebCore 0x00007fff4b7e38e3 WebCore::snapshotFrameRectWithClip(WebCore::Frame&, WebCore::IntRect const&, WTF::Vector<WebCore::FloatRect, 0ul, WTF::CrashOnOverflow, 16ul> const&, unsigned int) + 467
38 com.apple.WebCore 0x00007fff4b82c9df WebCore::takeSnapshot(WebCore::Frame&, WebCore::IntRect, unsigned int, float&, WTF::Vector<WebCore::FloatRect, 0ul, WTF::CrashOnOverflow, 16ul> const&) + 47
39 com.apple.WebCore 0x00007fff4b828663 WebCore::initializeIndicator(WebCore::TextIndicatorData&, WebCore::Frame&, WebCore::Range const&, WebCore::FloatSize, bool) + 4147
40 com.apple.WebCore 0x00007fff4b827435 WebCore::TextIndicator::createWithRange(WebCore::Range const&, unsigned short, WebCore::TextIndicatorPresentationTransition, WebCore::FloatSize) + 1093
41 com.apple.WebKit 0x00007fff4c4e16c4 WebKit::WebPage::performImmediateActionHitTestAtLocation(WebCore::FloatPoint) + 734
42 com.apple.WebKit 0x00007fff4c5ac01d WebKit::WebPage::didReceiveWebPageMessage(IPC::Connection&, IPC::Decoder&) + 20599
43 com.apple.WebKit 0x00007fff4c225a14 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) + 126
44 com.apple.WebKit 0x00007fff4c4f1540 WebKit::WebProcess::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 28

<rdar://problem/49575527>
Zalan and I thought this was because TextIndicator::createWithRange isn't updating the layout, but initializeIndicator DOES update the layout.
Created attachment 366680 [details] Avoids the crash
Committed r243844: <https://trac.webkit.org/changeset/243844>