Bug 62800 - HTMLTable should cache its 'rows' collection results
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: DOM
Version: 528+ (Nightly build)
Hardware: All All
: P2 Normal
Assignee: Julien Chaffraix
URL: http://code.google.com/p/chromium/iss...
Reported: 2011-06-16 09:24 PDT by Julien Chaffraix
Modified: 2011-06-16 18:08 PDT
Attachments
Patch (5.94 KB, patch)
2011-06-16 09:34 PDT, Julien Chaffraix

Description Julien Chaffraix 2011-06-16 09:24:25 PDT
This stems from http://code.google.com/p/chromium/issues/detail?id=73120

The test page is a 22k table. Some JS code is calling table.rows for each element at least twice. Currently, we create a new HTMLTableRowsCollection every time table.rows is called. This means that the length is potentially recalculated every time table.rows is used.

In the example, the DOM is not mutated so we could potentially reuse the CollectionCache to avoid the bad behavior.

Patch forthcoming.
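
As an added illustration (not code from the patch or from WebCore), the sketch below contrasts recomputing the row count on every lookup with a table-owned cache that is reused until the table mutates. Table, RowsCache, the version counter and the sample rows are hypothetical, constructed for this example.

```cpp
// Added illustration; Table, RowsCache and the version counter are
// hypothetical names, not WebCore classes.
#include <cstddef>
#include <string>
#include <vector>

struct Table {
    std::vector<std::string> children;  // constructed stand-in for child nodes
    unsigned long version = 0;          // bumped on every mutation
    mutable std::size_t walks = 0;      // number of full traversals performed
    void append(const std::string& tag) { children.push_back(tag); ++version; }
    void removeLast() { if (!children.empty()) { children.pop_back(); ++version; } }
    // The expensive part: a full walk to count the "tr" children.
    std::size_t countRows() const {
        ++walks;
        std::size_t n = 0;
        for (const auto& tag : children)
            if (tag == "tr") ++n;
        return n;
    }
};

// Cache owned by the table and shared by every rows lookup.
struct RowsCache {
    bool valid = false;
    unsigned long version = 0;
    std::size_t length = 0;
};

// Uncached: each lookup behaves like a freshly built collection.
std::size_t rowsLengthUncached(const Table& t) { return t.countRows(); }

// Cached: reuse the stored length unless the table changed since it was computed.
std::size_t rowsLengthCached(const Table& t, RowsCache& c) {
    if (!c.valid || c.version != t.version) {
        c.length = t.countRows();
        c.version = t.version;
        c.valid = true;
    }
    return c.length;
}

int main() {
    Table t;
    for (int i = 0; i < 1000; ++i) t.append("tr");  // constructed sample table
    RowsCache cache;
    for (int i = 0; i < 100; ++i) rowsLengthCached(t, cache);
    return t.walks == 1 ? 0 : 1;  // 100 lookups, one traversal
}
```

The version comparison is what keeps the cached length from going stale: any mutation forces exactly one new traversal on the next lookup.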
Comment 1 Julien Chaffraix 2011-06-16 09:34:40 PDT
Created attachment 97451
Patch
Comment 2 Darin Adler 2011-06-16 09:37:45 PDT
Comment on attachment 97451
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=97451&action=review

> Source/WebCore/html/HTMLTableElement.cpp:630
> +        m_collectionCache = adoptPtr(new CollectionCache());
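
Review bot: the allocation at HTMLTableElement.cpp:630 gives the table sole ownership of the CollectionCache through adoptPtr, but the quoted line does not show what invalidates or resets that cache when the table's DOM changes. A short comment next to the assignment stating the cache's lifetime and what invalidates it would make the ownership reviewable.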

I usually don’t put in the parentheses in cases like this.
Comment 3 WebKit Review Bot 2011-06-16 09:50:31 PDT
Comment on attachment 97451
Patch

Clearing flags on attachment: 97451

Committed r89035: <http://trac.webkit.org/changeset/89035>
Comment 4 WebKit Review Bot 2011-06-16 09:50:35 PDT
All reviewed patches have been landed.  Closing bug.
Comment 5 Darin Adler 2011-06-16 18:04:18 PDT
I am seeing crashes when running dom/html/level2/html/HTMLCollection01.html and other tests now.

Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000098
0   com.apple.WebCore             	0x000000010fe13478 WTF::OwnPtr<WebCore::CollectionCache>::operator!() const + 8 (OwnPtr.h:65)
1   com.apple.WebCore             	0x000000010fe8b0e9 WebCore::HTMLTableElement::collectionCache() const + 41 (HTMLTableElement.cpp:629)
2   com.apple.WebCore             	0x000000010fe8ed18 WebCore::HTMLTableRowsCollection::HTMLTableRowsCollection(WTF::PassRefPtr<WebCore::HTMLTableElement>) + 72 (HTMLTableRowsCollection.cpp:153)

Caused by this patch?
Comment 6 Darin Adler 2011-06-16 18:08:53 PDT
Yup, this patch makes incorrect use of PassRefPtr.