I think we want to uplift two out of three patches that landed in bug 1457703. Moving those patches to this bug for the sake of simplicity.

Approval Request Comment [Feature/Bug causing the regression]: Bug 1257186. [User impact if declined]: Possible crash / security vulnerability. [Is this code covered by automated tests?]: Yes. [Has the fix been verified in Nightly?]: Yes. [Needs manual test from QE? If yes, steps to reproduce]: No. [List of other uplifts needed for the feature/fix]: None. [Is the change risky?]: No. [Why is the change risky/not risky?]: This is a very simple change and is covered by assertions in the patch. [String changes made/needed]: None.

Approval Request Comment [Feature/Bug causing the regression]: Bug 1064578. [User impact if declined]: Possible crash / security vulnerability. [Is this code covered by automated tests?]: Yes. [Has the fix been verified in Nightly?]: Yes. [Needs manual test from QE? If yes, steps to reproduce]: No. [List of other uplifts needed for the feature/fix]: None. [Is the change risky?]: Low risk. [Why is the change risky/not risky?]: This is a fairly mechanical change that only affects the GC. [String changes made/needed]: None.

[Approval Request Comment] If this is not a sec:{high,crit} bug, please state case for ESR consideration: sec-high bug. User impact if declined: Possible crash / security vulnerability. Fix Landed on Version: FF 62. Risk to taking this patch (and alternatives if risky): Low. String or UUID changes made by this patch: None

[Approval Request Comment] If this is not a sec:{high,crit} bug, please state case for ESR consideration: sec-high bug. User impact if declined: Possible crash / security vulnerability. Fix Landed on Version: FF 62. Risk to taking this patch (and alternatives if risky): Low. String or UUID changes made by this patch: None

[Approval Request Comment] If this is not a sec:{high,crit} bug, please state case for ESR consideration: sec-high bug. User impact if declined: Possible crash / security vulnerability. Fix Landed on Version: FF 62. Risk to taking this patch (and alternatives if risky): Low. String or UUID changes made by this patch: None

[Approval Request Comment] If this is not a sec:{high,crit} bug, please state case for ESR consideration: sec-high bug. User impact if declined: Possible crash / security vulnerability. Fix Landed on Version: FF 62. Risk to taking this patch (and alternatives if risky): Low. String or UUID changes made by this patch: None

Comment on attachment 8981527 [details] [diff] [review] compacting-thread-count-beta Fixes for various possibly-exploitable race conditions in the GC. Approved for 61.0b10, ESR 60.1, and ESR 52.9.

Jon, I tried to land this on Beta but hit (probably easy to fix) static analysis bustage: https://treeherder.mozilla.org/logviewer.html#?job_id=180784011&repo=mozilla-beta Also, please be sure to update the bug number in the commit messages for these patches when pushing.

https://hg.mozilla.org/releases/mozilla-beta/rev/8adb9f8f899391c199bdd5841efe2e87260ea595 https://hg.mozilla.org/releases/mozilla-beta/rev/c9632ef7fb170beb9d2217117125c35dc7f7e516

https://hg.mozilla.org/releases/mozilla-esr60/rev/095a9b56bb34649dea0e9bb8f38b523e33c3c9c0 https://hg.mozilla.org/releases/mozilla-esr60/rev/6983f5845e9bb0cc79ee9eafb017f41a652970ad

https://hg.mozilla.org/releases/mozilla-esr52/rev/8189b262e3b9dacb5e8a5c498208a9d3a3bd762a https://hg.mozilla.org/releases/mozilla-esr52/rev/ca4943b7887f2cae3ecc971608c884e7670eb4b6

Backed out for bustage: https://hg.mozilla.org/releases/mozilla-esr52/rev/2a8f47c78ecc4533fc4317f22bfc9a4442ed3fc5

Re-landed: https://hg.mozilla.org/releases/mozilla-esr52/rev/9f81ae3f6e1d213e59c78c7e934b0f766a4c08e6