[Webkit-unassigned] [Bug 33269] Improve HTMLElement::tagPriority()
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Jan 6 18:30:43 PST 2010
https://bugs.webkit.org/show_bug.cgi?id=33269
--- Comment #8 from TAMURA, Kent <tkent at chromium.org> 2010-01-06 18:30:42 PST ---
I have confirmed that impl() never be null, and this is off-topic. But I'd like
to understand this.
(In reply to comment #6)
> > However, 0 makes no problems because the HashMap key is AtomicStringImpl*. The
> > generic PtrHash is used and tagPriorityMap.get(0) simply returns emptyValue().
>
> That's not true.
>
> If you call tagPriorityMap.get(0) there’s a chance that you could get an
> uninitialized value from an empty hash table entry. There is no special check
> for the empty value and if the value you pass hashes to a slot that has a 0 in
> it, then it will return the value in that slot.
>
> It is *not* safe to call get(0).
I read the code of HashTable.h and HashMap.h, and still wonder why it is not
safe.
You are talking about a case of empty HashTable, and it's safe for non-empty
HashTable, right?
In the empty case, HashTable::m_table is 0 and HashTable::lookup() seems to
return (Value*)0 correctly for any keys. HashMap::get() returns emptyValue()
for (Value*)0.
I couldn't find a case that HashMap::get() returns uninitialized value.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list