Bug 62800

Summary: HTMLTable should cache its 'rows' collection results
Product: WebKit Reporter: Julien Chaffraix <jchaffraix>
Component: DOMAssignee: Julien Chaffraix <jchaffraix>
Status: RESOLVED FIXED    
Severity: Normal CC: darin, webkit.review.bot
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
URL: http://code.google.com/p/chromium/issues/attachmentText?id=73106&aid=541403547953126335&name=chromium-bugreport.txt
Attachments:
Description Flags
Patch none

Julien Chaffraix
Reported 2011-06-16 09:24:25 PDT
This stems from http://code.google.com/p/chromium/issues/detail?id=73120 The test page is a 22k table. Some JS code is calling table.rows for each element at least twice. Currently, we create a new HTMLTableRowsCollection every time table.rows is called. This means that the length is potentially recalculated every time table.rows is used. In the example, the DOM is not mutated so we could potentially reuse the CollectionCache to avoid the bad behavior. Patch forthcoming.
Attachments
Patch (5.94 KB, patch)
2011-06-16 09:34 PDT, Julien Chaffraix 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Julien Chaffraix
Comment 1 2011-06-16 09:34:40 PDT
Created attachment 97451 [details] Patch
Darin Adler
Comment 2 2011-06-16 09:37:45 PDT
Comment on attachment 97451 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=97451&action=review > Source/WebCore/html/HTMLTableElement.cpp:630 > + m_collectionCache = adoptPtr(new CollectionCache()); I usually don’t put in the parentheses in cases like this.
WebKit Review Bot
Comment 3 2011-06-16 09:50:31 PDT
Comment on attachment 97451 [details] Patch Clearing flags on attachment: 97451 Committed r89035: <http://trac.webkit.org/changeset/89035>
WebKit Review Bot
Comment 4 2011-06-16 09:50:35 PDT
All reviewed patches have been landed. Closing bug.
Darin Adler
Comment 5 2011-06-16 18:04:18 PDT
I am seeing crashes when running dom/html/level2/html/HTMLCollection01.html and other tests now. Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000098 0 com.apple.WebCore 0x000000010fe13478 WTF::OwnPtr<WebCore::CollectionCache>::operator!() const + 8 (OwnPtr.h:65) 1 com.apple.WebCore 0x000000010fe8b0e9 WebCore::HTMLTableElement::collectionCache() const + 41 (HTMLTableElement.cpp:629) 2 com.apple.WebCore 0x000000010fe8ed18 WebCore::HTMLTableRowsCollection::HTMLTableRowsCollection(WTF::PassRefPtr<WebCore::HTMLTableElement>) + 72 (HTMLTableRowsCollection.cpp:153) Caused by this patch?
Darin Adler
Comment 6 2011-06-16 18:08:53 PDT
Yup, this patch makes incorrect use of PassRefPtr.
Note You need to log in before you can comment on or make changes to this bug.