[Webkit-unassigned] [Bug 171586] New: NeverDestroyed<String>(ASCIILiteral(...)) is not thread safe.

bugzilla-daemon at webkit.org
Tue May 2 18:01:39 PDT 2017


https://bugs.webkit.org/show_bug.cgi?id=171586

            Bug ID: 171586
           Summary: NeverDestroyed<String>(ASCIILiteral(...)) is not
                    thread safe.
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mark.lam at apple.com

JavaScriptCore allows multiple VMs to be instantiated, and each of these should be able to run concurrently on different threads.  However, NeverDestroyed<String>(ASCIILiteral(...)) is not thread-safe because each thread will ref and deref the underlying StringImpl.  Since this ref and deref is done in a thread-safe way, the NeverDestroyed<String> may get destroyed due to the ref/deref races.

The fix is to use the StaticStringImpl class which is safe for ref/derefing concurrently from different threads.

An alternative solution would be to change all the uses of NeverDestroyed<String> to use per-VM strings.  However, this solution is cumbersome, and makes it harder to allocate the intended shared string.  It also uses more memory and takes more CPU time because it requires allocating the same string for each VM instance.  The StaticStringImpl solution wins out because it is more efficient and is easier to use.

<rdar://problem/31873190>

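The ref/deref race described in the report, replayed as one fixed interleaving. This is an added example, not WebKit code: `ModelImpl`, `kStaticFlag`, `kIncrement` and `destroyedByLostUpdate` are hypothetical names, and the flag-bit scheme is an assumed model of how a static string's count can be kept from ever reaching zero.

```cpp
#include <cstdio>

// Simplified model of a reference-counted string body (not WebKit's StringImpl).
// ref()/deref() are plain read-modify-write sequences, so each is split into
// its load and store halves to replay a racy interleaving deterministically
// instead of depending on real thread timing.
struct ModelImpl {
    static constexpr unsigned kStaticFlag = 0x1; // assumed: low bit marks a static string
    static constexpr unsigned kIncrement = 0x2;  // assumed: one reference == 2
    unsigned refCount;
    bool destroyed = false;

    // Starts with one reference, held by the process-wide NeverDestroyed<String>.
    explicit ModelImpl(bool isStatic)
        : refCount(kIncrement | (isStatic ? kStaticFlag : 0u)) {}

    unsigned load() const { return refCount; }
    void storeRef(unsigned seen) { refCount = seen + kIncrement; }
    void storeDeref(unsigned seen) {
        unsigned next = seen - kIncrement;
        if (!next) { destroyed = true; return; } // last reference gone: free the string
        refCount = next;
    }
};

// Two VM threads, A and B, each copy the shared string and then drop the copy.
// Returns true if the shared string was destroyed although the global still holds it.
bool destroyedByLostUpdate(bool isStatic) {
    ModelImpl impl(isStatic);
    unsigned a = impl.load();     // A: ref() reads the count
    unsigned b = impl.load();     // B: ref() reads the same stale count
    impl.storeRef(a);             // A: writes count + 1 reference
    impl.storeRef(b);             // B: overwrites it, so A's increment is lost
    impl.storeDeref(impl.load()); // A: deref(), count back to the initial value
    impl.storeDeref(impl.load()); // B: deref(), count hits zero unless the flag bit is set
    return impl.destroyed;
}

int main() {
    std::printf("plain refcount destroyed:  %d\n", destroyedByLostUpdate(false));
    std::printf("static refcount destroyed: %d\n", destroyedByLostUpdate(true));
    return 0;
}
```

With the flag bit set the count is always odd, so no sequence of lost increments or decrements can bring it to zero.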