Closed Bug 1819497 Opened 2 years ago Closed 1 year ago

ThreadSanitizer: data race [@ mozilla::GetExtensionName] vs. [@ mozilla::GetExtensionName]

Categories

(Core :: Graphics: CanvasWebGL, defect, P1)

Product:
Core
Component:
Graphics: CanvasWebGL
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
119 Branch
Tracking Flags:
Tracking Status
firefox-esr102 --- wontfix
firefox-esr115 --- wontfix
firefox112 --- wontfix
firefox117 --- wontfix
firefox118 --- wontfix
firefox119 + fixed

People

(Reporter: tsmith, Assigned: jgilbert)

References

(Blocks 1 open bug)

Details

(Keywords: csectype-race, sec-low, Whiteboard: [adv-main119-])

Attachments

(1 file)

Bug 1819497 - Don't race on static bool for initialization.
48 bytes, text/x-phabricator-request
Details | Review

Found while fuzzing m-c 20230207-a30d16941345 (--enable-thread-sanitizer --enable-fuzzing)

Unfortunately a reliable test case is not available. However the fuzzers are able to discover it reliably and have reported it daily since it was initially reported.

WARNING: ThreadSanitizer: data race (pid=114062)
  Read of size 1 at 0x7ff47bcda550 by thread T59:
    #0 mozilla::GetExtensionName(mozilla::WebGLExtensionID) /builds/worker/checkouts/gecko/dom/canvas/WebGLContextExtensions.cpp:24:8 (libxul.so+0x73ca98e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #1 mozilla::ClientWebGLContext::GetExtension(JSContext*, nsTSubstring<char16_t> const&, JS::MutableHandle<JSObject*>, mozilla::dom::CallerType, mozilla::ErrorResult&) /builds/worker/checkouts/gecko/dom/canvas/WebGLContextExtensions.cpp:91:27 (libxul.so+0x73caf79) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #2 mozilla::dom::WebGLRenderingContext_Binding::getExtension(JSContext*, JS::Handle<JSObject*>, void*, JSJitMethodCallArgs const&) /builds/worker/workspace/obj-build/dom/bindings/WebGLRenderingContextBinding.cpp:15659:24 (libxul.so+0x6bcf28e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #3 bool mozilla::dom::binding_detail::GenericMethod<mozilla::dom::binding_detail::NormalThisPolicy, mozilla::dom::binding_detail::ThrowExceptions>(JSContext*, unsigned int, JS::Value*) /builds/worker/checkouts/gecko/dom/bindings/BindingUtils.cpp:3318:13 (libxul.so+0x71d5614) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #4 CallJSNative /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:459:13 (libxul.so+0xc1c640b) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #5 js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:547:12 (libxul.so+0xc1c640b)
    #6 InternalCall /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:614:10 (libxul.so+0xc1bc51c) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #7 CallFromStack /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:619:10 (libxul.so+0xc1bc51c)
    #8 Interpret(JSContext*, js::RunState&) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:3362:16 (libxul.so+0xc1bc51c)
    #9 js::RunScript(JSContext*, js::RunState&) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:431:13 (libxul.so+0xc1af7ff) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #10 js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:579:13 (libxul.so+0xc1c64e0) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #11 InternalCall /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:614:10 (libxul.so+0xc1c7193) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #12 js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:646:8 (libxul.so+0xc1c7193)
    #13 JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) /builds/worker/checkouts/gecko/js/src/vm/CallAndConstruct.cpp:117:10 (libxul.so+0xc25b3fb) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #14 mozilla::dom::EventHandlerNonNull::Call(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::Event&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) /builds/worker/workspace/obj-build/dom/bindings/EventHandlerBinding.cpp:65:37 (libxul.so+0x6f04c66) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #15 Call<nsCOMPtr<mozilla::dom::EventTarget> > /builds/worker/workspace/obj-build/dist/include/mozilla/dom/EventHandlerBinding.h:82:12 (libxul.so+0x789e626) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #16 mozilla::JSEventHandler::HandleEvent(mozilla::dom::Event*) /builds/worker/checkouts/gecko/dom/events/JSEventHandler.cpp:199:12 (libxul.so+0x789e626)
    #17 mozilla::EventListenerManager::HandleEventSubType(mozilla::EventListenerManager::Listener*, mozilla::dom::Event*, mozilla::dom::EventTarget*) /builds/worker/checkouts/gecko/dom/events/EventListenerManager.cpp:1314:22 (libxul.so+0x787670e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #18 mozilla::EventListenerManager::HandleEventInternal(nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event**, mozilla::dom::EventTarget*, nsEventStatus*, bool) /builds/worker/checkouts/gecko/dom/events/EventListenerManager.cpp:1504:17 (libxul.so+0x7877521) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #19 HandleEvent /builds/worker/checkouts/gecko/dom/events/EventListenerManager.h:395:5 (libxul.so+0x786c052) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #20 mozilla::EventTargetChainItem::HandleEvent(mozilla::EventChainPostVisitor&, mozilla::ELMCreationDetector&) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp:347:17 (libxul.so+0x786c052)
    #21 mozilla::EventTargetChainItem::HandleEventTargetChain(nsTArray<mozilla::EventTargetChainItem>&, mozilla::EventChainPostVisitor&, mozilla::EventDispatchingCallback*, mozilla::ELMCreationDetector&) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp:549:16 (libxul.so+0x786b424) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #22 mozilla::EventDispatcher::Dispatch(nsISupports*, nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event*, nsEventStatus*, mozilla::EventDispatchingCallback*, nsTArray<mozilla::dom::EventTarget*>*) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp:1122:11 (libxul.so+0x786e145) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #23 mozilla::EventDispatcher::DispatchDOMEvent(nsISupports*, mozilla::WidgetEvent*, mozilla::dom::Event*, nsPresContext*, nsEventStatus*) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp (libxul.so+0x7871320) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #24 mozilla::DOMEventTargetHelper::DispatchEvent(mozilla::dom::Event&, mozilla::dom::CallerType, mozilla::ErrorResult&) /builds/worker/checkouts/gecko/dom/events/DOMEventTargetHelper.cpp:176:17 (libxul.so+0x7842d56) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #25 mozilla::dom::EventTarget::DispatchEvent(mozilla::dom::Event&) /builds/worker/checkouts/gecko/dom/events/EventTarget.cpp:180:13 (libxul.so+0x787ee86) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #26 mozilla::dom::MessageEventRunnable::DispatchDOMEvent(JSContext*, mozilla::dom::WorkerPrivate*, mozilla::DOMEventTargetHelper*, bool) /builds/worker/checkouts/gecko/dom/workers/MessageEventRunnable.cpp:104:12 (libxul.so+0x8e4c62e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #27 mozilla::dom::MessageEventRunnable::WorkerRun(JSContext*, mozilla::dom::WorkerPrivate*) /builds/worker/checkouts/gecko/dom/workers/MessageEventRunnable.cpp (libxul.so+0x8e4cc56) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #28 mozilla::dom::WorkerRunnable::Run() /builds/worker/checkouts/gecko/dom/workers/WorkerRunnable.cpp:377:12 (libxul.so+0x8e93798) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #29 nsThread::ProcessNextEvent(bool, bool*) /builds/worker/checkouts/gecko/xpcom/threads/nsThread.cpp:1219:16 (libxul.so+0x42f151e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #30 NS_ProcessNextEvent(nsIThread*, bool) /builds/worker/checkouts/gecko/xpcom/threads/nsThreadUtils.cpp:477:10 (libxul.so+0x42f7de6) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #31 mozilla::dom::WorkerPrivate::DoRunLoop(JSContext*) /builds/worker/checkouts/gecko/dom/workers/WorkerPrivate.cpp:3275:7 (libxul.so+0x8e833fa) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #32 mozilla::dom::workerinternals::(anonymous namespace)::WorkerThreadPrimaryRunnable::Run() /builds/worker/checkouts/gecko/dom/workers/RuntimeService.cpp:2044:42 (libxul.so+0x8e6b86d) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #33 nsThread::ProcessNextEvent(bool, bool*) /builds/worker/checkouts/gecko/xpcom/threads/nsThread.cpp:1219:16 (libxul.so+0x42f151e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #34 NS_ProcessNextEvent(nsIThread*, bool) /builds/worker/checkouts/gecko/xpcom/threads/nsThreadUtils.cpp:477:10 (libxul.so+0x42f7de6) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #35 mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*) /builds/worker/checkouts/gecko/ipc/glue/MessagePump.cpp:300:20 (libxul.so+0x5010fce) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #36 RunInternal /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:381:10 (libxul.so+0x4f29b17) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #37 RunHandler /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:374:3 (libxul.so+0x4f29b17)
    #38 MessageLoop::Run() /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:356:3 (libxul.so+0x4f29b17)
    #39 nsThread::ThreadFunc(void*) /builds/worker/checkouts/gecko/xpcom/threads/nsThread.cpp:384:10 (libxul.so+0x42ec6b2) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #40 _pt_root /builds/worker/checkouts/gecko/nsprpub/pr/src/pthreads/ptthread.c:201:5 (libnspr4.so+0x523e3) (BuildId: 8c5c8c99aa8ac4fd06563cefa38dfca8e80cc54b)

  Previous write of size 1 at 0x7ff47bcda550 by thread T54:
    #0 mozilla::GetExtensionName(mozilla::WebGLExtensionID) /builds/worker/checkouts/gecko/dom/canvas/WebGLContextExtensions.cpp:25:17 (libxul.so+0x73ca9a7) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #1 mozilla::ClientWebGLContext::GetExtension(JSContext*, nsTSubstring<char16_t> const&, JS::MutableHandle<JSObject*>, mozilla::dom::CallerType, mozilla::ErrorResult&) /builds/worker/checkouts/gecko/dom/canvas/WebGLContextExtensions.cpp:91:27 (libxul.so+0x73caf79) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #2 mozilla::dom::WebGLRenderingContext_Binding::getExtension(JSContext*, JS::Handle<JSObject*>, void*, JSJitMethodCallArgs const&) /builds/worker/workspace/obj-build/dom/bindings/WebGLRenderingContextBinding.cpp:15659:24 (libxul.so+0x6bcf28e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #3 bool mozilla::dom::binding_detail::GenericMethod<mozilla::dom::binding_detail::NormalThisPolicy, mozilla::dom::binding_detail::ThrowExceptions>(JSContext*, unsigned int, JS::Value*) /builds/worker/checkouts/gecko/dom/bindings/BindingUtils.cpp:3318:13 (libxul.so+0x71d5614) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #4 CallJSNative /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:459:13 (libxul.so+0xc1c640b) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #5 js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:547:12 (libxul.so+0xc1c640b)
    #6 InternalCall /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:614:10 (libxul.so+0xc1bc51c) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #7 CallFromStack /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:619:10 (libxul.so+0xc1bc51c)
    #8 Interpret(JSContext*, js::RunState&) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:3362:16 (libxul.so+0xc1bc51c)
    #9 js::RunScript(JSContext*, js::RunState&) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:431:13 (libxul.so+0xc1af7ff) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #10 js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:579:13 (libxul.so+0xc1c64e0) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #11 InternalCall /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:614:10 (libxul.so+0xc1c7193) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #12 js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:646:8 (libxul.so+0xc1c7193)
    #13 JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) /builds/worker/checkouts/gecko/js/src/vm/CallAndConstruct.cpp:117:10 (libxul.so+0xc25b3fb) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #14 mozilla::dom::EventHandlerNonNull::Call(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::Event&, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) /builds/worker/workspace/obj-build/dom/bindings/EventHandlerBinding.cpp:65:37 (libxul.so+0x6f04c66) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #15 Call<nsCOMPtr<mozilla::dom::EventTarget> > /builds/worker/workspace/obj-build/dist/include/mozilla/dom/EventHandlerBinding.h:82:12 (libxul.so+0x789e626) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #16 mozilla::JSEventHandler::HandleEvent(mozilla::dom::Event*) /builds/worker/checkouts/gecko/dom/events/JSEventHandler.cpp:199:12 (libxul.so+0x789e626)
    #17 mozilla::EventListenerManager::HandleEventSubType(mozilla::EventListenerManager::Listener*, mozilla::dom::Event*, mozilla::dom::EventTarget*) /builds/worker/checkouts/gecko/dom/events/EventListenerManager.cpp:1314:22 (libxul.so+0x787670e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #18 mozilla::EventListenerManager::HandleEventInternal(nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event**, mozilla::dom::EventTarget*, nsEventStatus*, bool) /builds/worker/checkouts/gecko/dom/events/EventListenerManager.cpp:1504:17 (libxul.so+0x7877521) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #19 HandleEvent /builds/worker/checkouts/gecko/dom/events/EventListenerManager.h:395:5 (libxul.so+0x786c052) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #20 mozilla::EventTargetChainItem::HandleEvent(mozilla::EventChainPostVisitor&, mozilla::ELMCreationDetector&) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp:347:17 (libxul.so+0x786c052)
    #21 mozilla::EventTargetChainItem::HandleEventTargetChain(nsTArray<mozilla::EventTargetChainItem>&, mozilla::EventChainPostVisitor&, mozilla::EventDispatchingCallback*, mozilla::ELMCreationDetector&) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp:549:16 (libxul.so+0x786b424) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #22 mozilla::EventDispatcher::Dispatch(nsISupports*, nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event*, nsEventStatus*, mozilla::EventDispatchingCallback*, nsTArray<mozilla::dom::EventTarget*>*) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp:1122:11 (libxul.so+0x786e145) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #23 mozilla::EventDispatcher::DispatchDOMEvent(nsISupports*, mozilla::WidgetEvent*, mozilla::dom::Event*, nsPresContext*, nsEventStatus*) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp (libxul.so+0x7871320) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #24 mozilla::DOMEventTargetHelper::DispatchEvent(mozilla::dom::Event&, mozilla::dom::CallerType, mozilla::ErrorResult&) /builds/worker/checkouts/gecko/dom/events/DOMEventTargetHelper.cpp:176:17 (libxul.so+0x7842d56) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #25 mozilla::dom::EventTarget::DispatchEvent(mozilla::dom::Event&) /builds/worker/checkouts/gecko/dom/events/EventTarget.cpp:180:13 (libxul.so+0x787ee86) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #26 mozilla::dom::MessageEventRunnable::DispatchDOMEvent(JSContext*, mozilla::dom::WorkerPrivate*, mozilla::DOMEventTargetHelper*, bool) /builds/worker/checkouts/gecko/dom/workers/MessageEventRunnable.cpp:104:12 (libxul.so+0x8e4c62e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #27 mozilla::dom::MessageEventRunnable::WorkerRun(JSContext*, mozilla::dom::WorkerPrivate*) /builds/worker/checkouts/gecko/dom/workers/MessageEventRunnable.cpp (libxul.so+0x8e4cc56) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #28 mozilla::dom::WorkerRunnable::Run() /builds/worker/checkouts/gecko/dom/workers/WorkerRunnable.cpp:377:12 (libxul.so+0x8e93798) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #29 nsThread::ProcessNextEvent(bool, bool*) /builds/worker/checkouts/gecko/xpcom/threads/nsThread.cpp:1219:16 (libxul.so+0x42f151e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #30 NS_ProcessNextEvent(nsIThread*, bool) /builds/worker/checkouts/gecko/xpcom/threads/nsThreadUtils.cpp:477:10 (libxul.so+0x42f7de6) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #31 mozilla::dom::WorkerPrivate::DoRunLoop(JSContext*) /builds/worker/checkouts/gecko/dom/workers/WorkerPrivate.cpp:3275:7 (libxul.so+0x8e833fa) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #32 mozilla::dom::workerinternals::(anonymous namespace)::WorkerThreadPrimaryRunnable::Run() /builds/worker/checkouts/gecko/dom/workers/RuntimeService.cpp:2044:42 (libxul.so+0x8e6b86d) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #33 nsThread::ProcessNextEvent(bool, bool*) /builds/worker/checkouts/gecko/xpcom/threads/nsThread.cpp:1219:16 (libxul.so+0x42f151e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #34 NS_ProcessNextEvent(nsIThread*, bool) /builds/worker/checkouts/gecko/xpcom/threads/nsThreadUtils.cpp:477:10 (libxul.so+0x42f7de6) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #35 mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*) /builds/worker/checkouts/gecko/ipc/glue/MessagePump.cpp:300:20 (libxul.so+0x5010fce) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #36 RunInternal /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:381:10 (libxul.so+0x4f29b17) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #37 RunHandler /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:374:3 (libxul.so+0x4f29b17)
    #38 MessageLoop::Run() /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:356:3 (libxul.so+0x4f29b17)
    #39 nsThread::ThreadFunc(void*) /builds/worker/checkouts/gecko/xpcom/threads/nsThread.cpp:384:10 (libxul.so+0x42ec6b2) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #40 _pt_root /builds/worker/checkouts/gecko/nsprpub/pr/src/pthreads/ptthread.c:201:5 (libnspr4.so+0x523e3) (BuildId: 8c5c8c99aa8ac4fd06563cefa38dfca8e80cc54b)

  Location is global 'mozilla::GetExtensionName(mozilla::WebGLExtensionID)::initialized' of size 1 at 0x7ff47bcda550 (libxul.so+0xef42550)

  Thread T59 'DOM Worker' (tid=117070, running) created by main thread at:
    #0 pthread_create /builds/worker/fetches/llvm-project/compiler-rt/lib/tsan/rtl/tsan_interceptors_posix.cpp:1022:3 (firefox-bin+0xc20cd) (BuildId: 4e33ff7caae81f8148342b4dcc6b909455226a50)
    #1 _PR_CreateThread /builds/worker/checkouts/gecko/nsprpub/pr/src/pthreads/ptthread.c:458:14 (libnspr4.so+0x4948f) (BuildId: 8c5c8c99aa8ac4fd06563cefa38dfca8e80cc54b)
    #2 PR_CreateThread /builds/worker/checkouts/gecko/nsprpub/pr/src/pthreads/ptthread.c:533:12 (libnspr4.so+0x3e2a5) (BuildId: 8c5c8c99aa8ac4fd06563cefa38dfca8e80cc54b)
    #3 nsThread::Init(nsTSubstring<char> const&) /builds/worker/checkouts/gecko/xpcom/threads/nsThread.cpp:619:18 (libxul.so+0x42ee297) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #4 mozilla::dom::WorkerThread::Create(mozilla::dom::WorkerThreadFriendKey const&) /builds/worker/checkouts/gecko/dom/workers/WorkerThread.cpp:102:7 (libxul.so+0x8e9e13b) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #5 mozilla::dom::workerinternals::RuntimeService::ScheduleWorker(mozilla::dom::WorkerPrivate&) /builds/worker/checkouts/gecko/dom/workers/RuntimeService.cpp:1325:37 (libxul.so+0x8e4f502) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #6 mozilla::dom::workerinternals::RuntimeService::RegisterWorker(mozilla::dom::WorkerPrivate&) /builds/worker/checkouts/gecko/dom/workers/RuntimeService.cpp:1207:19 (libxul.so+0x8e4e949) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #7 mozilla::dom::WorkerPrivate::Constructor(JSContext*, nsTSubstring<char16_t> const&, bool, mozilla::dom::WorkerKind, mozilla::dom::RequestCredentials, mozilla::dom::WorkerType, nsTSubstring<char16_t> const&, nsTSubstring<char> const&, mozilla::dom::WorkerLoadInfo*, mozilla::ErrorResult&, nsTString<char16_t>) /builds/worker/checkouts/gecko/dom/workers/WorkerPrivate.cpp:2649:24 (libxul.so+0x8e7fd21) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #8 mozilla::dom::Worker::Constructor(mozilla::dom::GlobalObject const&, nsTSubstring<char16_t> const&, mozilla::dom::WorkerOptions const&, mozilla::ErrorResult&) /builds/worker/checkouts/gecko/dom/workers/Worker.cpp:43:41 (libxul.so+0x8e5c085) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #9 mozilla::dom::Worker_Binding::_constructor(JSContext*, unsigned int, JS::Value*) /builds/worker/workspace/obj-build/dom/bindings/WorkerBinding.cpp:1164:52 (libxul.so+0x6cc036e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #10 CallJSNative /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:459:13 (libxul.so+0xc1c7976) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #11 CallJSNativeConstructor /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:475:8 (libxul.so+0xc1c7976)
    #12 InternalConstruct(JSContext*, js::AnyConstructArgs const&, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:694:10 (libxul.so+0xc1c7976)
    #13 ConstructFromStack /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:722:10 (libxul.so+0xc1bc553) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #14 Interpret(JSContext*, js::RunState&) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:3347:16 (libxul.so+0xc1bc553)
    #15 js::RunScript(JSContext*, js::RunState&) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:431:13 (libxul.so+0xc1af7ff) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #16 js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:579:13 (libxul.so+0xc1c64e0) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #17 InternalCall /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:614:10 (libxul.so+0xc1c7193) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #18 js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:646:8 (libxul.so+0xc1c7193)
    #19 js::CallSelfHostedFunction(JSContext*, JS::Handle<js::PropertyName*>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>) /builds/worker/checkouts/gecko/js/src/vm/SelfHosting.cpp:1488:10 (libxul.so+0xc4513f0) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #20 AsyncFunctionResume(JSContext*, JS::Handle<js::AsyncFunctionGeneratorObject*>, ResumeKind, JS::Handle<JS::Value>) /builds/worker/checkouts/gecko/js/src/vm/AsyncFunction.cpp:149:8 (libxul.so+0xc23b1e2) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #21 js::AsyncFunctionAwaitedFulfilled(JSContext*, JS::Handle<js::AsyncFunctionGeneratorObject*>, JS::Handle<JS::Value>) /builds/worker/checkouts/gecko/js/src/vm/AsyncFunction.cpp:190:10 (libxul.so+0xc23af17) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #22 AsyncFunctionPromiseReactionJob /builds/worker/checkouts/gecko/js/src/builtin/Promise.cpp:2111:12 (libxul.so+0xc3e08dd) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #23 PromiseReactionJob(JSContext*, unsigned int, JS::Value*) /builds/worker/checkouts/gecko/js/src/builtin/Promise.cpp:2174:12 (libxul.so+0xc3e08dd)
    #24 CallJSNative /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:459:13 (libxul.so+0xc1c640b) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #25 js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:547:12 (libxul.so+0xc1c640b)
    #26 InternalCall /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:614:10 (libxul.so+0xc1c7193) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #27 js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:646:8 (libxul.so+0xc1c7193)
    #28 JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) /builds/worker/checkouts/gecko/js/src/vm/CallAndConstruct.cpp:117:10 (libxul.so+0xc25b3fb) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #29 mozilla::dom::PromiseJobCallback::Call(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::ErrorResult&) /builds/worker/workspace/obj-build/dom/bindings/PromiseBinding.cpp:83:8 (libxul.so+0x65f4973) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #30 Call /builds/worker/workspace/obj-build/dist/include/mozilla/dom/PromiseBinding.h:198:12 (libxul.so+0x41d194d) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #31 Call /builds/worker/workspace/obj-build/dist/include/mozilla/dom/PromiseBinding.h:211:12 (libxul.so+0x41d194d)
    #32 mozilla::PromiseJobRunnable::Run(mozilla::AutoSlowOperation&) /builds/worker/checkouts/gecko/xpcom/base/CycleCollectedJSContext.cpp:213:18 (libxul.so+0x41d194d)
    #33 mozilla::CycleCollectedJSContext::PerformMicroTaskCheckPoint(bool) /builds/worker/checkouts/gecko/xpcom/base/CycleCollectedJSContext.cpp:676:17 (libxul.so+0x41be046) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #34 LeaveMicroTask /builds/worker/workspace/obj-build/dist/include/mozilla/CycleCollectedJSContext.h:246:7 (libxul.so+0x71e7d91) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #35 mozilla::dom::CallbackObject::CallSetup::~CallSetup() /builds/worker/checkouts/gecko/dom/bindings/CallbackObject.cpp:393:11 (libxul.so+0x71e7d91)
    #36 ReceiveMessage /builds/worker/workspace/obj-build/dist/include/mozilla/dom/MessageManagerBinding.h:655:3 (libxul.so+0x8e30be7) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #37 mozilla::dom::JSActor::CallReceiveMessage(JSContext*, mozilla::dom::JSActorMessageMeta const&, JS::Handle<JS::Value>, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) /builds/worker/checkouts/gecko/dom/ipc/jsactor/JSActor.cpp:283:22 (libxul.so+0x8e30be7)
    #38 mozilla::dom::JSActor::ReceiveMessage(JSContext*, mozilla::dom::JSActorMessageMeta const&, JS::Handle<JS::Value>, mozilla::ErrorResult&) /builds/worker/checkouts/gecko/dom/ipc/jsactor/JSActor.cpp:299:3 (libxul.so+0x8e30f7b) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #39 mozilla::dom::JSActorManager::ReceiveRawMessage(mozilla::dom::JSActorMessageMeta const&, mozilla::Maybe<mozilla::dom::ipc::StructuredCloneData>&&, mozilla::Maybe<mozilla::dom::ipc::StructuredCloneData>&&) /builds/worker/checkouts/gecko/dom/ipc/jsactor/JSActorManager.cpp:202:14 (libxul.so+0x8e3455e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #40 mozilla::dom::WindowGlobalChild::RecvRawMessage(mozilla::dom::JSActorMessageMeta const&, mozilla::Maybe<mozilla::dom::ClonedMessageData> const&, mozilla::Maybe<mozilla::dom::ClonedMessageData> const&) /builds/worker/checkouts/gecko/dom/ipc/WindowGlobalChild.cpp:545:3 (libxul.so+0x8bfc919) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #41 mozilla::dom::PWindowGlobalChild::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PWindowGlobalChild.cpp:1671:85 (libxul.so+0x8e12817) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #42 mozilla::dom::PContentChild::OnMessageReceived(IPC::Message const&) /builds/worker/workspace/obj-build/ipc/ipdl/PContentChild.cpp:8784:32 (libxul.so+0x8cf826a) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #43 mozilla::dom::ContentChild::OnMessageReceived(IPC::Message const&) /builds/worker/checkouts/gecko/dom/ipc/ContentChild.cpp:3744:25 (libxul.so+0x8b42273) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #44 mozilla::ipc::MessageChannel::DispatchAsyncMessage(mozilla::ipc::ActorLifecycleProxy*, IPC::Message const&) /builds/worker/checkouts/gecko/ipc/glue/MessageChannel.cpp:1800:25 (libxul.so+0x500bb9c) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #45 mozilla::ipc::MessageChannel::DispatchMessage(mozilla::ipc::ActorLifecycleProxy*, mozilla::UniquePtr<IPC::Message, mozilla::DefaultDelete<IPC::Message>>) /builds/worker/checkouts/gecko/ipc/glue/MessageChannel.cpp:1725:9 (libxul.so+0x5009f57) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #46 mozilla::ipc::MessageChannel::RunMessage(mozilla::ipc::ActorLifecycleProxy*, mozilla::ipc::MessageChannel::MessageTask&) /builds/worker/checkouts/gecko/ipc/glue/MessageChannel.cpp:1525:3 (libxul.so+0x500a60b) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #47 mozilla::ipc::MessageChannel::MessageTask::Run() /builds/worker/checkouts/gecko/ipc/glue/MessageChannel.cpp:1623:14 (libxul.so+0x500b1ae) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #48 mozilla::RunnableTask::Run() /builds/worker/checkouts/gecko/xpcom/threads/TaskController.cpp:539:16 (libxul.so+0x42d7a4f) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #49 mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) /builds/worker/checkouts/gecko/xpcom/threads/TaskController.cpp:852:26 (libxul.so+0x42d0b0d) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #50 mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) /builds/worker/checkouts/gecko/xpcom/threads/TaskController.cpp:684:15 (libxul.so+0x42cf086) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #51 mozilla::TaskController::ProcessPendingMTTask(bool) /builds/worker/checkouts/gecko/xpcom/threads/TaskController.cpp:462:36 (libxul.so+0x42cf460) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #52 operator() /builds/worker/checkouts/gecko/xpcom/threads/TaskController.cpp:188:37 (libxul.so+0x42da657) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #53 mozilla::detail::RunnableFunction<mozilla::TaskController::InitializeInternal()::$_2>::Run() /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:546:5 (libxul.so+0x42da657)
    #54 nsThread::ProcessNextEvent(bool, bool*) /builds/worker/checkouts/gecko/xpcom/threads/nsThread.cpp:1225:16 (libxul.so+0x42f121b) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #55 NS_ProcessNextEvent(nsIThread*, bool) /builds/worker/checkouts/gecko/xpcom/threads/nsThreadUtils.cpp:477:10 (libxul.so+0x42f7de6) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #56 mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) /builds/worker/checkouts/gecko/ipc/glue/MessagePump.cpp:85:21 (libxul.so+0x50103ab) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #57 mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*) /builds/worker/checkouts/gecko/ipc/glue/MessagePump.cpp:268:30 (libxul.so+0x5010edb) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #58 RunInternal /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:381:10 (libxul.so+0x4f29b17) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #59 RunHandler /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:374:3 (libxul.so+0x4f29b17)
    #60 MessageLoop::Run() /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:356:3 (libxul.so+0x4f29b17)
    #61 nsBaseAppShell::Run() /builds/worker/checkouts/gecko/widget/nsBaseAppShell.cpp:148:27 (libxul.so+0x9423f56) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #62 XRE_RunAppShell() /builds/worker/checkouts/gecko/toolkit/xre/nsEmbedFunctions.cpp:742:20 (libxul.so+0xbf546dc) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #63 mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*) /builds/worker/checkouts/gecko/ipc/glue/MessagePump.cpp:235:9 (libxul.so+0x5010e8d) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #64 RunInternal /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:381:10 (libxul.so+0x4f29b17) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #65 RunHandler /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:374:3 (libxul.so+0x4f29b17)
    #66 MessageLoop::Run() /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:356:3 (libxul.so+0x4f29b17)
    #67 XRE_InitChildProcess(int, char**, XREChildData const*) /builds/worker/checkouts/gecko/toolkit/xre/nsEmbedFunctions.cpp:675:34 (libxul.so+0xbf54329) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #68 mozilla::BootstrapImpl::XRE_InitChildProcess(int, char**, XREChildData const*) /builds/worker/checkouts/gecko/toolkit/xre/Bootstrap.cpp:67:12 (libxul.so+0xbf5e872) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #69 content_process_main /builds/worker/checkouts/gecko/browser/app/../../ipc/contentproc/plugin-container.cpp:57:28 (firefox-bin+0x142da3) (BuildId: 4e33ff7caae81f8148342b4dcc6b909455226a50)
    #70 main /builds/worker/checkouts/gecko/browser/app/nsBrowserApp.cpp:353:18 (firefox-bin+0x142da3)

  Thread T54 'DOM Worker' (tid=117065, running) created by main thread at:
    #0 pthread_create /builds/worker/fetches/llvm-project/compiler-rt/lib/tsan/rtl/tsan_interceptors_posix.cpp:1022:3 (firefox-bin+0xc20cd) (BuildId: 4e33ff7caae81f8148342b4dcc6b909455226a50)
    #1 _PR_CreateThread /builds/worker/checkouts/gecko/nsprpub/pr/src/pthreads/ptthread.c:458:14 (libnspr4.so+0x4948f) (BuildId: 8c5c8c99aa8ac4fd06563cefa38dfca8e80cc54b)
    #2 PR_CreateThread /builds/worker/checkouts/gecko/nsprpub/pr/src/pthreads/ptthread.c:533:12 (libnspr4.so+0x3e2a5) (BuildId: 8c5c8c99aa8ac4fd06563cefa38dfca8e80cc54b)
    #3 nsThread::Init(nsTSubstring<char> const&) /builds/worker/checkouts/gecko/xpcom/threads/nsThread.cpp:619:18 (libxul.so+0x42ee297) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #4 mozilla::dom::WorkerThread::Create(mozilla::dom::WorkerThreadFriendKey const&) /builds/worker/checkouts/gecko/dom/workers/WorkerThread.cpp:102:7 (libxul.so+0x8e9e13b) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #5 mozilla::dom::workerinternals::RuntimeService::ScheduleWorker(mozilla::dom::WorkerPrivate&) /builds/worker/checkouts/gecko/dom/workers/RuntimeService.cpp:1325:37 (libxul.so+0x8e4f502) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #6 mozilla::dom::workerinternals::RuntimeService::RegisterWorker(mozilla::dom::WorkerPrivate&) /builds/worker/checkouts/gecko/dom/workers/RuntimeService.cpp:1207:19 (libxul.so+0x8e4e949) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #7 mozilla::dom::WorkerPrivate::Constructor(JSContext*, nsTSubstring<char16_t> const&, bool, mozilla::dom::WorkerKind, mozilla::dom::RequestCredentials, mozilla::dom::WorkerType, nsTSubstring<char16_t> const&, nsTSubstring<char> const&, mozilla::dom::WorkerLoadInfo*, mozilla::ErrorResult&, nsTString<char16_t>) /builds/worker/checkouts/gecko/dom/workers/WorkerPrivate.cpp:2649:24 (libxul.so+0x8e7fd21) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #8 mozilla::dom::Worker::Constructor(mozilla::dom::GlobalObject const&, nsTSubstring<char16_t> const&, mozilla::dom::WorkerOptions const&, mozilla::ErrorResult&) /builds/worker/checkouts/gecko/dom/workers/Worker.cpp:43:41 (libxul.so+0x8e5c085) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #9 mozilla::dom::Worker_Binding::_constructor(JSContext*, unsigned int, JS::Value*) /builds/worker/workspace/obj-build/dom/bindings/WorkerBinding.cpp:1164:52 (libxul.so+0x6cc036e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #10 CallJSNative /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:459:13 (libxul.so+0xc1c7976) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #11 CallJSNativeConstructor /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:475:8 (libxul.so+0xc1c7976)
    #12 InternalConstruct(JSContext*, js::AnyConstructArgs const&, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:694:10 (libxul.so+0xc1c7976)
    #13 ConstructFromStack /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:722:10 (libxul.so+0xc1bc553) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #14 Interpret(JSContext*, js::RunState&) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:3347:16 (libxul.so+0xc1bc553)
    #15 js::RunScript(JSContext*, js::RunState&) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:431:13 (libxul.so+0xc1af7ff) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #16 js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:579:13 (libxul.so+0xc1c64e0) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #17 InternalCall /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:614:10 (libxul.so+0xc1c7193) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #18 js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:646:8 (libxul.so+0xc1c7193)
    #19 JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) /builds/worker/checkouts/gecko/js/src/vm/CallAndConstruct.cpp:117:10 (libxul.so+0xc25b3fb) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #20 mozilla::dom::EventListener::HandleEvent(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::Event&, mozilla::ErrorResult&) /builds/worker/workspace/obj-build/dom/bindings/EventListenerBinding.cpp:62:8 (libxul.so+0x6f078a7) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #21 HandleEvent<mozilla::dom::EventTarget *> /builds/worker/workspace/obj-build/dist/include/mozilla/dom/EventListenerBinding.h:65:12 (libxul.so+0x78766f8) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #22 mozilla::EventListenerManager::HandleEventSubType(mozilla::EventListenerManager::Listener*, mozilla::dom::Event*, mozilla::dom::EventTarget*) /builds/worker/checkouts/gecko/dom/events/EventListenerManager.cpp:1308:43 (libxul.so+0x78766f8)
    #23 mozilla::EventListenerManager::HandleEventInternal(nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event**, mozilla::dom::EventTarget*, nsEventStatus*, bool) /builds/worker/checkouts/gecko/dom/events/EventListenerManager.cpp:1504:17 (libxul.so+0x78774f2) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #24 HandleEvent /builds/worker/checkouts/gecko/dom/events/EventListenerManager.h:395:5 (libxul.so+0x786c052) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #25 mozilla::EventTargetChainItem::HandleEvent(mozilla::EventChainPostVisitor&, mozilla::ELMCreationDetector&) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp:347:17 (libxul.so+0x786c052)
    #26 mozilla::EventTargetChainItem::HandleEventTargetChain(nsTArray<mozilla::EventTargetChainItem>&, mozilla::EventChainPostVisitor&, mozilla::EventDispatchingCallback*, mozilla::ELMCreationDetector&) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp:549:16 (libxul.so+0x786b424) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #27 mozilla::EventDispatcher::Dispatch(nsISupports*, nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event*, nsEventStatus*, mozilla::EventDispatchingCallback*, nsTArray<mozilla::dom::EventTarget*>*) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp:1122:11 (libxul.so+0x786e145) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #28 nsDocumentViewer::LoadComplete(nsresult) /builds/worker/checkouts/gecko/layout/base/nsDocumentViewer.cpp:1082:7 (libxul.so+0x98d32b1) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #29 nsDocShell::EndPageLoad(nsIWebProgress*, nsIChannel*, nsresult) /builds/worker/checkouts/gecko/docshell/base/nsDocShell.cpp:6449:20 (libxul.so+0xb67ac2a) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #30 nsDocShell::OnStateChange(nsIWebProgress*, nsIRequest*, unsigned int, nsresult) /builds/worker/checkouts/gecko/docshell/base/nsDocShell.cpp:5842:7 (libxul.so+0xb67a4a9) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #31 non-virtual thunk to nsDocShell::OnStateChange(nsIWebProgress*, nsIRequest*, unsigned int, nsresult) /builds/worker/checkouts/gecko/docshell/base/nsDocShell.cpp (libxul.so+0xb67b47b) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #32 nsDocLoader::DoFireOnStateChange(nsIWebProgress*, nsIRequest*, int&, nsresult) /builds/worker/checkouts/gecko/uriloader/base/nsDocLoader.cpp:1380:3 (libxul.so+0x52f23ee) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #33 nsDocLoader::doStopDocumentLoad(nsIRequest*, nsresult) /builds/worker/checkouts/gecko/uriloader/base/nsDocLoader.cpp:978:14 (libxul.so+0x52f1adf) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #34 nsDocLoader::DocLoaderIsEmpty(bool, mozilla::Maybe<nsresult> const&) /builds/worker/checkouts/gecko/uriloader/base/nsDocLoader.cpp:797:9 (libxul.so+0x52efa66) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #35 nsDocLoader::OnStopRequest(nsIRequest*, nsresult) /builds/worker/checkouts/gecko/uriloader/base/nsDocLoader.cpp:680:5 (libxul.so+0x52f0ea9) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #36 nsDocShell::OnStopRequest(nsIRequest*, nsresult) /builds/worker/checkouts/gecko/docshell/base/nsDocShell.cpp:13868:23 (libxul.so+0xb6995be) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #37 non-virtual thunk to nsDocShell::OnStopRequest(nsIRequest*, nsresult) /builds/worker/checkouts/gecko/docshell/base/nsDocShell.cpp (libxul.so+0xb6997e8) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #38 mozilla::net::nsLoadGroup::NotifyRemovalObservers(nsIRequest*, nsresult) /builds/worker/checkouts/gecko/netwerk/base/nsLoadGroup.cpp:628:22 (libxul.so+0x44e0bd0) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #39 mozilla::net::nsLoadGroup::RemoveRequest(nsIRequest*, nsISupports*, nsresult) /builds/worker/checkouts/gecko/netwerk/base/nsLoadGroup.cpp:532:10 (libxul.so+0x44e2282) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #40 imgRequestProxy::RemoveFromLoadGroup() /builds/worker/checkouts/gecko/image/imgRequestProxy.cpp:394:15 (libxul.so+0x5b9881e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #41 imgRequestProxy::OnLoadComplete(bool) /builds/worker/checkouts/gecko/image/imgRequestProxy.cpp:1066:7 (libxul.so+0x5b9db62) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #42 non-virtual thunk to imgRequestProxy::OnLoadComplete(bool) /builds/worker/checkouts/gecko/image/imgRequestProxy.cpp (libxul.so+0x5b9dd02) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #43 operator() /builds/worker/checkouts/gecko/image/ProgressTracker.cpp:356:13 (libxul.so+0x5b7ad44) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #44 void mozilla::image::ImageObserverNotifier<mozilla::image::ObserverTable const*>::operator()<void mozilla::image::SyncNotifyInternal<mozilla::image::ObserverTable const*>(mozilla::image::ObserverTable const* const&, bool, unsigned int, mozilla::gfx::IntRectTyped<mozilla::gfx::UnknownUnits> const&)::'lambda5'(mozilla::image::IProgressObserver*)>(mozilla::image::ObserverTable const*) /builds/worker/checkouts/gecko/image/ProgressTracker.cpp:286:9 (libxul.so+0x5b7ad44)
    #45 void mozilla::image::SyncNotifyInternal<mozilla::image::ObserverTable const*>(mozilla::image::ObserverTable const* const&, bool, unsigned int, mozilla::gfx::IntRectTyped<mozilla::gfx::UnknownUnits> const&) /builds/worker/checkouts/gecko/image/ProgressTracker.cpp:355:5 (libxul.so+0x5b7a289) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #46 operator() /builds/worker/checkouts/gecko/image/ProgressTracker.cpp:374:5 (libxul.so+0x5b5166b) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #47 Read<(lambda at /builds/worker/checkouts/gecko/image/ProgressTracker.cpp:373:19)> /builds/worker/checkouts/gecko/image/CopyOnWrite.h:155:12 (libxul.so+0x5b5166b)
    #48 mozilla::image::ProgressTracker::SyncNotifyProgress(unsigned int, mozilla::gfx::IntRectTyped<mozilla::gfx::UnknownUnits> const&) /builds/worker/checkouts/gecko/image/ProgressTracker.cpp:373:14 (libxul.so+0x5b5166b)
    #49 mozilla::image::VectorImage::OnSVGDocumentLoaded() /builds/worker/checkouts/gecko/image/VectorImage.cpp:1493:23 (libxul.so+0x5b6fd88) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #50 mozilla::image::SVGLoadEventListener::HandleEvent(mozilla::dom::Event*) /builds/worker/checkouts/gecko/image/VectorImage.cpp:213:13 (libxul.so+0x5b72449) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #51 mozilla::EventListenerManager::HandleEventSubType(mozilla::EventListenerManager::Listener*, mozilla::dom::Event*, mozilla::dom::EventTarget*) /builds/worker/checkouts/gecko/dom/events/EventListenerManager.cpp:1314:22 (libxul.so+0x787670e) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #52 mozilla::EventListenerManager::HandleEventInternal(nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event**, mozilla::dom::EventTarget*, nsEventStatus*, bool) /builds/worker/checkouts/gecko/dom/events/EventListenerManager.cpp:1504:17 (libxul.so+0x7877521) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #53 HandleEvent /builds/worker/checkouts/gecko/dom/events/EventListenerManager.h:395:5 (libxul.so+0x786c052) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #54 mozilla::EventTargetChainItem::HandleEvent(mozilla::EventChainPostVisitor&, mozilla::ELMCreationDetector&) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp:347:17 (libxul.so+0x786c052)
    #55 mozilla::EventTargetChainItem::HandleEventTargetChain(nsTArray<mozilla::EventTargetChainItem>&, mozilla::EventChainPostVisitor&, mozilla::EventDispatchingCallback*, mozilla::ELMCreationDetector&) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp:549:16 (libxul.so+0x786b424) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #56 mozilla::EventDispatcher::Dispatch(nsISupports*, nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event*, nsEventStatus*, mozilla::EventDispatchingCallback*, nsTArray<mozilla::dom::EventTarget*>*) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp:1122:11 (libxul.so+0x786e145) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #57 mozilla::EventDispatcher::DispatchDOMEvent(nsISupports*, mozilla::WidgetEvent*, mozilla::dom::Event*, nsPresContext*, nsEventStatus*) /builds/worker/checkouts/gecko/dom/events/EventDispatcher.cpp (libxul.so+0x7871320) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #58 nsINode::DispatchEvent(mozilla::dom::Event&, mozilla::dom::CallerType, mozilla::ErrorResult&) /builds/worker/checkouts/gecko/dom/base/nsINode.cpp:1373:17 (libxul.so+0x5ffe728) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #59 mozilla::dom::EventTarget::DispatchEvent(mozilla::dom::Event&) /builds/worker/checkouts/gecko/dom/events/EventTarget.cpp:180:13 (libxul.so+0x787ee86) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #60 mozilla::AsyncEventDispatcher::Run() /builds/worker/checkouts/gecko/dom/events/AsyncEventDispatcher.cpp:69:12 (libxul.so+0x78268a1) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #61 mozilla::RunnableTask::Run() /builds/worker/checkouts/gecko/xpcom/threads/TaskController.cpp:539:16 (libxul.so+0x42d7a4f) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #62 mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) /builds/worker/checkouts/gecko/xpcom/threads/TaskController.cpp:852:26 (libxul.so+0x42d0b0d) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #63 mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) /builds/worker/checkouts/gecko/xpcom/threads/TaskController.cpp:684:15 (libxul.so+0x42cf086) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #64 mozilla::TaskController::ProcessPendingMTTask(bool) /builds/worker/checkouts/gecko/xpcom/threads/TaskController.cpp:462:36 (libxul.so+0x42cf460) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #65 operator() /builds/worker/checkouts/gecko/xpcom/threads/TaskController.cpp:188:37 (libxul.so+0x42da657) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #66 mozilla::detail::RunnableFunction<mozilla::TaskController::InitializeInternal()::$_2>::Run() /builds/worker/workspace/obj-build/dist/include/nsThreadUtils.h:546:5 (libxul.so+0x42da657)
    #67 nsThread::ProcessNextEvent(bool, bool*) /builds/worker/checkouts/gecko/xpcom/threads/nsThread.cpp:1225:16 (libxul.so+0x42f121b) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #68 NS_ProcessNextEvent(nsIThread*, bool) /builds/worker/checkouts/gecko/xpcom/threads/nsThreadUtils.cpp:477:10 (libxul.so+0x42f7de6) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #69 mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) /builds/worker/checkouts/gecko/ipc/glue/MessagePump.cpp:85:21 (libxul.so+0x50103ab) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #70 mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*) /builds/worker/checkouts/gecko/ipc/glue/MessagePump.cpp:268:30 (libxul.so+0x5010edb) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #71 RunInternal /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:381:10 (libxul.so+0x4f29b17) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #72 RunHandler /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:374:3 (libxul.so+0x4f29b17)
    #73 MessageLoop::Run() /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:356:3 (libxul.so+0x4f29b17)
    #74 nsBaseAppShell::Run() /builds/worker/checkouts/gecko/widget/nsBaseAppShell.cpp:148:27 (libxul.so+0x9423f56) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #75 XRE_RunAppShell() /builds/worker/checkouts/gecko/toolkit/xre/nsEmbedFunctions.cpp:742:20 (libxul.so+0xbf546dc) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #76 mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*) /builds/worker/checkouts/gecko/ipc/glue/MessagePump.cpp:235:9 (libxul.so+0x5010e8d) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #77 RunInternal /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:381:10 (libxul.so+0x4f29b17) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #78 RunHandler /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:374:3 (libxul.so+0x4f29b17)
    #79 MessageLoop::Run() /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:356:3 (libxul.so+0x4f29b17)
    #80 XRE_InitChildProcess(int, char**, XREChildData const*) /builds/worker/checkouts/gecko/toolkit/xre/nsEmbedFunctions.cpp:675:34 (libxul.so+0xbf54329) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #81 mozilla::BootstrapImpl::XRE_InitChildProcess(int, char**, XREChildData const*) /builds/worker/checkouts/gecko/toolkit/xre/Bootstrap.cpp:67:12 (libxul.so+0xbf5e872) (BuildId: 67af6b114b570865de7dd242a5064efdec6712c5)
    #82 content_process_main /builds/worker/checkouts/gecko/browser/app/../../ipc/contentproc/plugin-container.cpp:57:28 (firefox-bin+0x142da3) (BuildId: 4e33ff7caae81f8148342b4dcc6b909455226a50)
    #83 main /builds/worker/checkouts/gecko/browser/app/nsBrowserApp.cpp:353:18 (firefox-bin+0x142da3)

This looks like a race on the local static initialized in GetExtensionName.

It looks like this is guarding the initialization of sExtensionNamesEnumeratedArray, which seems to map enums to strings. It isn't clear to me why this isn't a static array. That would also save us a small amount of content process overhead.

This happens early enough, and races are unreliable, that it would be very hard to exploit this even if it happened. This looks like a once-per-content-process race so you'd have to have a lot of sites to have crack at it.

Keywords: sec-low

The severity field is not set for this bug.
:jgilbert, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(jgilbert)

This is safe but easy to fix.

Assignee: nobody → jgilbert
Severity: -- → S4
Flags: needinfo?(jgilbert)
Priority: -- → P1

We could do non-racy static init here (e.g. with a static initializer
self-calling-closure), but there doesn't seem to be a strong reason for
this. Let's just use a switch and get robustness from -Werror=switch.

Comment on attachment 9352799 [details]
Bug 1819497 - Don't race on static bool for initialization.

Security Approval Request

  • How easily could an exploit be constructed based on the patch?: Very hard, and you only get one shot at it per process.
    I don't think this is exploitable.
  • Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?: Yes
  • Which older supported branches are affected by this flaw?: all
  • If not all supported branches, which bug introduced the flaw?: None
  • Do you have backports for the affected branches?: No
  • If not, how different, hard to create, and risky will they be?: They should be trivial to make, if needed.
  • How likely is this patch to cause regressions; how much testing does it need?: CI would catch this.
  • Is Android affected?: Yes
Attachment #9352799 - Flags: sec-approval?

Comment on attachment 9352799 [details]
Bug 1819497 - Don't race on static bool for initialization.

As a sec-low, this does not need sec-approval prior to landing.

Attachment #9352799 - Flags: sec-approval?
Pushed by jgilbert@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/d9cbbdb8d804
Don't race on static bool for initialization. r=gfx-reviewers,aosmond

https://hg.mozilla.org/mozilla-central/rev/d9cbbdb8d804

Group: gfx-core-security → core-security-release
Status: NEW → RESOLVED
Closed: 1 year ago
status-firefox119: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 119 Branch
QA Whiteboard: [post-critsmash-triage]
Flags: qe-verify-
Whiteboard: [adv-main119-]

Bulk-unhiding security bugs fixed in Firefox 119-121 (Fall 2023). Use "moo-doctrine-subsidy" to filter

Group: core-security-release
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: