Bug 155516 - ASSERT_NOT_REACHED on imported/w3c/web-platform-tests/html/semantics/embedded-content/the-area-element/area-coords.html
Summary: ASSERT_NOT_REACHED on imported/w3c/web-platform-tests/html/semantics/embedded...
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: Tools / Tests (show other bugs)
Version: Safari 9
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2016-03-15 15:18 PDT by Alexey Proskuryakov
Modified: 2016-04-05 13:36 PDT (History)
5 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexey Proskuryakov 2016-03-15 15:18:13 PDT 
imported/w3c/web-platform-tests/html/semantics/embedded-content/the-area-element/area-coords.html asserts every time.

It's been marked as flaky upon importing, but it doesn't seem useful to have it crash.
Comment 1 Alexey Proskuryakov 2016-03-15 15:22:55 PDT 
Updated test results in r198232.
Comment 2 Alexey Proskuryakov 2016-03-15 15:37:27 PDT 
rdar://problem/24929497
Comment 3 Alexey Proskuryakov 2016-03-15 15:38:06 PDT 
1   com.apple.WebCore             	0x000000010aedcaa1 WebCore::minimumValueForLength(WebCore::Length const&, WebCore::LayoutUnit, bool) + 305
2   com.apple.WebCore             	0x000000010a395dcc WebCore::HTMLAreaElement::getRegion(WebCore::LayoutSize const&) const + 2060
3   com.apple.WebCore             	0x000000010a395159 WebCore::HTMLAreaElement::mapMouseEvent(WebCore::LayoutPoint, WebCore::LayoutSize const&, WebCore::HitTestResult&) + 137
4   com.apple.WebCore             	0x000000010a43fda2 WebCore::HTMLMapElement::mapMouseEvent(WebCore::LayoutPoint, WebCore::LayoutSize const&, WebCore::HitTestResult&) + 242
5   com.apple.WebCore             	0x000000010b3b4d92 WebCore::RenderImage::nodeAtPoint(WebCore::HitTestRequest const&, WebCore::HitTestResult&, WebCore::HitTestLocation const&, WebCore::LayoutPoint const&, WebCore::HitTestAction) + 546
6   com.apple.WebCore             	0x000000010b493bd6 WebCore::RenderObject::hitTest(WebCore::HitTestRequest const&, WebCore::HitTestResult&, WebCore::HitTestLocation const&, WebCore::LayoutPoint const&, WebCore::HitTestFilter) + 118
7   com.apple.WebCore             	0x000000010a6438c0 WebCore::InlineElementBox::nodeAtPoint(WebCore::HitTestRequest const&, WebCore::HitTestResult&, WebCore::HitTestLocation const&, WebCore::LayoutPoint const&, WebCore::LayoutUnit, WebCore::LayoutUnit, WebCore::HitTestAction) + 352
8   com.apple.WebCore             	0x000000010a64cba3 WebCore::InlineFlowBox::nodeAtPoint(WebCore::HitTestRequest const&, WebCore::HitTestResult&, WebCore::HitTestLocation const&, WebCore::LayoutPoint const&, WebCore::LayoutUnit, WebCore::LayoutUnit, WebCore::HitTestAction) + 979
9   com.apple.WebCore             	0x000000010b63874a WebCore::RootInlineBox::nodeAtPoint(WebCore::HitTestRequest const&, WebCore::HitTestResult&, WebCore::HitTestLocation const&, WebCore::LayoutPoint const&, WebCore::LayoutUnit, WebCore::LayoutUnit, WebCore::HitTestAction) + 410
...
Comment 4 zalan 2016-04-05 13:32:13 PDT 
It asserts because ".4" string is considered an invalid integral number and newCoordsArray() does not handle this error case very well.
However it seems the spec changed so that now coords attribute can have floating point numbers. (https://html.spec.whatwg.org/multipage/embedded-content.html#attr-area-coords)
So instead of fixing newCoordsArray(), we should move over to floating-point attribute parsing.