When I start Firefox with ThreadSanitizer, I see two similar thread races from image/src/RasterImage.cpp (m-c rev 9f8233fcce1d): WARNING: ThreadSanitizer: data race (pid=29278) Read of size 2 at 0x7d4400044585 by thread T25 (mutexes: write M24436): #0 DecodeSomeOfImage image/src/RasterImage.cpp:3432 (libxul.so+0x000000dc6ba3) #1 Run image/src/RasterImage.cpp:3263 (libxul.so+0x000000dc6f90) #2 Run xpcom/threads/nsThreadPool.cpp:204 (libxul.so+0x000002d3984d) #3 non-virtual thunk to nsThreadPool::Run() xpcom/threads/nsThreadPool.cpp:218 (libxul.so+0x000002d39939) #4 ProcessNextEvent xpcom/threads/nsThread.cpp:622 (libxul.so+0x000002d368a3) [...] Previous write of size 2 at 0x7d4400044585 by main thread: #0 DoImageDataComplete image/src/RasterImage.cpp:1674 (libxul.so+0x000000dc2cb1) #1 OnImageDataComplete image/src/RasterImage.cpp:1730 (libxul.so+0x000000dc3521) #2 OnStopRequest image/src/imgRequest.cpp:675 (libxul.so+0x000000da8873) #3 OnStopRequest image/src/imgLoader.cpp:2103 (libxul.so+0x000000d9f10e) #4 OnStopRequest netwerk/base/src/nsBaseChannel.cpp:735 (libxul.so+0x000000a40e67) #5 non-virtual thunk to nsBaseChannel::OnStopRequest(nsIRequest*, nsISupports*, tag_nsresult) netwerk/base/src/nsBaseChannel.cpp:750 (libxul.so+0x000000a40f3f) #6 OnStateStop netwerk/base/src/nsInputStreamPump.cpp:702 (libxul.so+0x000000a58506) #7 OnInputStreamReady netwerk/base/src/nsInputStreamPump.cpp:437 (libxul.so+0x000000a57a29) #8 non-virtual thunk to nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) netwerk/base/src/nsInputStreamPump.cpp:489 (libxul.so+0x000000a58689) #9 Run xpcom/io/nsStreamUtils.cpp:85 (libxul.so+0x000002d1a18c) #10 ProcessNextEvent xpcom/threads/nsThread.cpp:622 (libxul.so+0x000002d368a3) [...] SUMMARY: ThreadSanitizer: data race image/src/RasterImage.cpp:3432 DecodeSomeOfImage WARNING: ThreadSanitizer: data race (pid=29278) Write of size 2 at 0x7d4400043e05 by main thread: #0 DoImageDataComplete image/src/RasterImage.cpp:1674 (libxul.so+0x000000dc2cb1) #1 OnImageDataComplete image/src/RasterImage.cpp:1730 (libxul.so+0x000000dc3521) #2 OnStopRequest image/src/imgRequest.cpp:675 (libxul.so+0x000000da8873) #3 OnStopRequest image/src/imgLoader.cpp:2103 (libxul.so+0x000000d9f10e) #4 OnStopRequest netwerk/base/src/nsBaseChannel.cpp:735 (libxul.so+0x000000a40e67) #5 non-virtual thunk to nsBaseChannel::OnStopRequest(nsIRequest*, nsISupports*, tag_nsresult) netwerk/base/src/nsBaseChannel.cpp:750 (libxul.so+0x000000a40f3f) #6 OnStateStop netwerk/base/src/nsInputStreamPump.cpp:702 (libxul.so+0x000000a58506) #7 OnInputStreamReady netwerk/base/src/nsInputStreamPump.cpp:437 (libxul.so+0x000000a57a29) #8 non-virtual thunk to nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) netwerk/base/src/nsInputStreamPump.cpp:489 (libxul.so+0x000000a58689) #9 Run xpcom/io/nsStreamUtils.cpp:85 (libxul.so+0x000002d1a18c) #10 ProcessNextEvent xpcom/threads/nsThread.cpp:622 (libxul.so+0x000002d368a3) [...] Previous read of size 2 at 0x7d4400043e05 by thread T25 (mutexes: write M24487): #0 IsDecodeFinished image/src/RasterImage.cpp:2825 (libxul.so+0x000000dc69d7) #1 Run image/src/RasterImage.cpp:3263 (libxul.so+0x000000dc6f90) #2 Run xpcom/threads/nsThreadPool.cpp:204 (libxul.so+0x000002d3984d) #3 non-virtual thunk to nsThreadPool::Run() xpcom/threads/nsThreadPool.cpp:218 (libxul.so+0x000002d39939) #4 ProcessNextEvent xpcom/threads/nsThread.cpp:622 (libxul.so+0x000002d368a3) [...] SUMMARY: ThreadSanitizer: data race image/src/RasterImage.cpp:1674 DoImageDataComplete It would be good if someone could take a look and fix them, if possible.

I haven't seen anything like this, so I'm going to assume that it's been fixed by some of the imagelib refactoring done in service of fixing other TSan races.