Bug 298798

VM::setHasTerminationRequest() should be thread-safe but is not because it sets a bit on the VM::m_entryScopeServices OptionSet, which is not thread-safe. For the record, this is how the concurrent access works: 1. VM::m_entryScopeServices is normally set by the mutator thread running that VM. 2. However, the Worker.terminate() API can be used by the main thread to terminate worker threads. Worker.terminate() calls ... WorkerMessagingProxy::terminateWorkerGlobalScope(), which calls ... WorkerOrWorkletThread::stop(), which calls ... WorkerOrWorkletScriptController::scheduleExecutionTermination(), which calls ... VM::notifyNeedTermination(), which calls ... VM::setHasTerminationRequest(), which calls ... VM::requestEntryScopeService(), and ... VM::requestEntryScopeService() does bitwise OR of the EntryScopeService::ResetTerminationRequest bit into the worker thread's VM::m_entryScopeServices. This is not thread safe because it may collide with the worker thread writing values into its VM::m_entryScopeServices. We can fix this by moving the EntryScopeService::ResetTerminationRequest bit into a separate byte that is safe to write to concurrently. In practice, the bug never manifests because it is extremely rare for VM::m_entryScopeServices to ever be written to, and the impact is benign. Regardless, we should fix this.