RESOLVED FIXED298814
Do not store LazyNeverDestroyed objects as member variables 
https://bugs.webkit.org/show_bug.cgi?id=298814
Summary Do not store LazyNeverDestroyed objects as member variables
Nikolas Zimmermann
Reported 2025-09-13 04:21:06 PDT
StaticCSSValuePool stores LazyNeverDestroyed<CSS*Value> member variables. LazyNeverDestroyed is not intended to be used in this way -- it breaks the build using gcc-14, which complains that the 'm_isConstructed' member variable of LazyNeverDestroyed is never initialized, when storing such objects as members. See LazyNeverDestroyed.h for the reason, why m_isConstructed is not initialized by default.
Attachments
Add attachment proposed patch, testcase, etc.
Nikolas Zimmermann
Comment 1 2025-09-13 15:02:55 PDT
Pull request: https://github.com/WebKit/WebKit/pull/50708
Nikolas Zimmermann
Comment 2 2025-09-13 15:26:47 PDT
Note: CSSValuePool used Vector<Ref<CSSPrimitiveValue>> / Ref<CSSPrimitiveValue> instead of LazyNeverDestroyed<X> at some point (see https://commits.webkit.org/217764@main). This however introduced a Membuster regression, which was later fixed in https://commits.webkit.org/220644@main, by introducing StaticCSSValuePool and using LazyNeverDestroyed members again. I therefore tried to carefully stick to the existing pattern of avoiding dynamic allocations, only getting rid of LazyNeverDestroyed, switching to use AlignedStorage directly. Hope it's a sane approach...
Nikolas Zimmermann
Comment 3 2025-09-13 15:31:53 PDT
Here's the gcc 14 build failure that appears prior to applying the PR: ``` In file included from /host/home/nzimmermann/Software/GitRepositories/WebKit/WebKitBuild/WPE/Release/WTF/Headers/wtf/MallocCommon.h:28, from /host/home/nzimmermann/Software/GitRepositories/WebKit/WebKitBuild/WPE/Release/WTF/Headers/wtf/FastMalloc.h:26, from /host/home/nzimmermann/Software/GitRepositories/WebKit/Source/WebCore/config.h:47, from /host/home/nzimmermann/Software/GitRepositories/WebKit/Source/WebCore/css/CSSURLValue.cpp:30, from /host/home/nzimmermann/Software/GitRepositories/WebKit/WebKitBuild/WPE/Release/WebCore/DerivedSources/unified-sources/UnifiedSource-2f84417a-14.cpp:1: In member function ‘void WTF::LazyNeverDestroyed< <template-parameter-1-1>, <template-parameter-1-2> >::constructWithoutAccessCheck(Args&& ...) [with Args = {WebCore::CSSValue::StaticCSSValueTag, WebCore::CSSPrimitiveValue::ImplicitInitialValueTag}; T = WebCore::CSSPrimitiveValue; AccessTraits = WTF::AnyThreadsAccessTraits]’, inlined from ‘void WTF::LazyNeverDestroyed< <template-parameter-1-1>, <template-parameter-1-2> >::construct(Args&& ...) [with Args = {WebCore::CSSValue::StaticCSSValueTag, WebCore::CSSPrimitiveValue::ImplicitInitialValueTag}; T = WebCore::CSSPrimitiveValue; AccessTraits = WTF::AnyThreadsAccessTraits]’ at /host/home/nzimmermann/Software/GitRepositories/WebKit/WebKitBuild/WPE/Release/WTF/Headers/wtf/NeverDestroyed.h:128:36, inlined from ‘WebCore::StaticCSSValuePool::StaticCSSValuePool()’ at /host/home/nzimmermann/Software/GitRepositories/WebKit/Source/WebCore/css/CSSValuePool.cpp:41:37: /host/home/nzimmermann/Software/GitRepositories/WebKit/WebKitBuild/WPE/Release/WTF/Headers/wtf/NeverDestroyed.h:134:17: error: ‘*(WTF::LazyNeverDestroyed<WebCore::CSSPrimitiveValue, WTF::AnyThreadsAccessTraits>*)this.WTF::LazyNeverDestroyed<WebCore::CSSPrimitiveValue>::m_isConstructed’ is used uninitialized [-Werror=uninitialized] 134 | ASSERT(!m_isConstructed); | ^~~~~~~~~~~~~~~ /host/home/nzimmermann/Software/GitRepositories/WebKit/WebKitBuild/WPE/Release/WTF/Headers/wtf/Assertions.h:393:58: note: in definition of macro ‘UNLIKELY_FOR_C_ASSERTIONS’ 393 | #define UNLIKELY_FOR_C_ASSERTIONS(x) __builtin_expect(!!(x), 0) | ^ /host/home/nzimmermann/Software/GitRepositories/WebKit/WebKitBuild/WPE/Release/WTF/Headers/wtf/NeverDestroyed.h:134:9: note: in expansion of macro ‘ASSERT’ 134 | ASSERT(!m_isConstructed); | ^~~~~~ cc1plus: all warnings being treated as errors ```
EWS
Comment 4 2025-09-13 22:50:21 PDT
Committed 299936@main (d97070b32b34): <https://commits.webkit.org/299936@main> Reviewed commits have been landed. Closing PR #50708 and removing active labels.
Radar WebKit Bug Importer
Comment 5 2025-09-13 22:51:13 PDT
<rdar://problem/160546961>
Note You need to log in before you can comment on or make changes to this bug.