Bug 1683004 Comment 3 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

**Beta/Release Uplift Approval Request**
•	**User impact if declined:** For users with certain third-party PKCS11 modules, the browser may become unresponsive and fail to load websites over HTTPS. (Bug 1682881)
•	**Is this code covered by automated tests?:** Yes, but using certain third-party PKCS11 modules is what triggers the deadlock. There is no test that reproduces this.
•	**Has the fix been verified in Nightly?:** Yes. The code landed in m-c in https://hg.mozilla.org/mozilla-central/rev/bc61343b5d68. Verified in Beta.
•	**List of other uplifts needed:** None.
•	**Risk to taking this patch:** Low-medium. The bugfix code has not been run in release yet, but it seems to have stopped these crash reports in 85.
•	**Why is the change risky/not risky? (and alternatives if risky):** The fix landed in Nightly 85 and is now in Beta. It has been verified with both Firefox and curl using NSS. It’s a (relatively) simple relaxation of the locking order that seems to have caused the deadlock. 
•	**String changes made/needed:** None
**Beta/Release Uplift Approval Request**
•	**User impact if declined:** For users with certain third-party PKCS11 modules, the browser may become unresponsive and fail to load websites over HTTPS. (Bug 1682881)
•	**Is this code covered by automated tests?:** Yes, but using certain third-party PKCS11 modules is what triggers the deadlock. There is no test that reproduces this.
•	**Has the fix been verified in Nightly?:** Yes. The code landed in m-c in https://hg.mozilla.org/mozilla-central/rev/bc61343b5d68. Verified in Beta.
•	**List of other uplifts needed:** None.
•	**Risk to taking this patch:** Low-medium. The bugfix code has not been run in release yet, but it seems to have stopped these crash reports in 85.
•	**Why is the change risky/not risky? (and alternatives if risky):** The fix landed in Nightly 85 and is now in Beta. It has been verified with both Firefox and curl using NSS. It's a relatively simple relaxation of the previous patch, removing the nested locking that caused the deadlock. 
•	**String changes made/needed:** None

Back to Bug 1683004 Comment 3