[Webkit-unassigned] [Bug 41129] CSSSelector: Avoid chaining tagHistory of CSSSelector, which causes stack overflow.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jul 13 23:57:43 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=41129
--- Comment #14 from Hayato Ito <hayato at chromium.org> 2010-07-13 23:57:43 PST ---
(In reply to comment #11)
> (From update of attachment 60092 [details])
> WebCore/css/CSSParser.h:172
> + CSSSelector* connectFloatingSelector(CSSSelector* ownerSelector, CSSSelector* sinkingSelector, CSSSelector::Relation);
> Do we need to return a value?
We don't need a return value. Done.
>
>
> WebCore/css/CSSParser.cpp:185
> + deleteAllKeys(m_floatingSelectors);
> I'm not sure, but now it seems we don't sink floating selectors, so all selectors will be deleted when a parser is destructed?
A sinkingSelector is actually 'sinked' implicitly by m_floatingSelectors.take(..) in the following line.
int newChainingLength = m_floatingSelectors.get(ownerSelector) + m_floatingSelectors.take(sinkingSelector);
That line could be rewritten as follows if we explicitly sink a sinkingSelector:
int newChainingLength = m_floatingSelectors.get(ownerSelector) + m_floatingSelectors.get(sinkingSelector);
sinkFloatingSelector(sinkingSelector);
I think the former is better than the latter because we lookup the key in HashTable only once in the former.
I've added a comment to avoid confusiong a reader.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list