Fixing a bug in MessageQueue::removeIf() that leads to an
authordumi@chromium.org <dumi@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 19 Nov 2009 19:59:38 +0000 (19:59 +0000)
committerdumi@chromium.org <dumi@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 19 Nov 2009 19:59:38 +0000 (19:59 +0000)
assertion failure.

Reviewed by Dmitry Titov.

https://bugs.webkit.org/show_bug.cgi?id=31657

* wtf/MessageQueue.h:
(WTF::MessageQueue::removeIf):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@51198 268f45cc-cd09-0410-ab3c-d52691b4dbfc

JavaScriptCore/ChangeLog
JavaScriptCore/wtf/MessageQueue.h

index 9e3e49ec22546c4d9de1fd8acaf100575930531f..5057ab01d925c2ce0ac068f3c586dc8479e246df 100644 (file)
@@ -1,3 +1,15 @@
+2009-11-19  Dumitru Daniliuc  <dumi@chromium.org>
+
+        Reviewed by Dmitry Titov.
+
+        Fixing a bug in MessageQueue::removeIf() that leads to an
+        assertion failure.
+
+        https://bugs.webkit.org/show_bug.cgi?id=31657
+
+        * wtf/MessageQueue.h:
+        (WTF::MessageQueue::removeIf):
+
 2009-11-19  Laszlo Gombos  <laszlo.1.gombos@nokia.com>
 
         Reviewed by Darin Adler.
index bab848cd805cc6c2ab1607a34cf269d009c33c48..48bd10ad0dca9b18d819307027923ce06df6880f 100644 (file)
@@ -173,8 +173,12 @@ namespace WTF {
     inline void MessageQueue<DataType>::removeIf(Predicate& predicate)
     {
         MutexLocker lock(m_mutex);
-        DequeConstIterator<DataType*> found = m_queue.end();
-        while ((found = m_queue.findIf(predicate)) != m_queue.end()) {
+        // See bug 31657 for why this loop looks so weird
+        while (true) {
+            DequeConstIterator<DataType*> found = m_queue.findIf(predicate);
+            if (found == m_queue.end())
+                break;
+
             DataType* message = *found;
             m_queue.remove(found);
             delete message;