
funcTable edits in sanitization can break transform state #5793

@mstange

Reading the code in sanitizePII, I can see that we add funcs to the funcTable if there's any func which was used both by private and by non-private frames. (A "private frame" is an entry in the frameTable whose innerWindowID maps to a "page" with isPrivateBrowsing == true.)

Adding functions to the funcTable has one insidious effect due to the way the "collapse resource" transform works: For every resource we reserve a function at the end of the funcTable which will be the "collapsed resource function". This happens in the getThreadWithReservedFunctions selector. And then our transforms can refer to those reserved func indexes.

If we add functions to the funcTable, those reserved func indexes move around. So I believe if you have the following transform stack:

Collapse XUL >> Focus on XUL

Then you will be focused on a different function after sanitization has added the "private window" version of some functions.

Furthermore, if you're focused on one of those "both private and non-private" functions, then after sanitization you're focused on the non-private version and the "private samples" will be gone from your filtered call tree. That might be fine though.

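The index drift described in this issue, as an added JavaScript model that is not part of the profiler's code or of this report: a thread's funcTable, one reserved "collapsed resource" function per resource appended at the end of the table, a "Collapse XUL >> Focus on XUL" transform stack, and a sanitization step that appends "private window" copies of functions used by both private and non-private frames. The function names, the sample funcTable and resources, the transform field names, and the remapTransforms mitigation (shifting any transform index that pointed into the reserved region by the number of appended functions) are this example's own assumptions, not the profiler's API.

```javascript
// Simplified model of a funcTable with reserved "collapsed resource" functions,
// written to illustrate the index drift described in this issue. Every name and
// data shape here (makeThread, reserveCollapsedResourceFuncs, sanitizeThread,
// buildTransforms, remapTransforms) is this example's own, not the profiler's.

// Constructed sample thread: funcTable holds function names, resources hold
// library names. Frames and samples are omitted; only indexes matter here.
function makeThread() {
  return {
    funcTable: ['main', 'nsAppRunner::Run', 'XUL_Paint', 'js::RunScript'],
    resources: ['firefox', 'libxul.so', 'libmozjs.so'],
  };
}

// One reserved func per resource, appended at the end of the funcTable, so the
// reserved index for resource r is (funcTable.length at reservation time) + r.
function reserveCollapsedResourceFuncs(thread) {
  const base = thread.funcTable.length;
  const reserved = thread.resources.map((r) => `<collapsed ${r}>`);
  return {
    thread: { ...thread, funcTable: [...thread.funcTable, ...reserved] },
    collapsedFuncIndexForResource: (resourceIndex) => base + resourceIndex,
  };
}

// Sanitization as the issue describes it: each func used by both private and
// non-private frames gets a second "private window" copy appended to the table,
// which moves the position where reserved funcs will be placed afterwards.
function sanitizeThread(thread, funcsUsedByBothKinds) {
  const copies = funcsUsedByBothKinds.map((i) => `${thread.funcTable[i]} (private)`);
  return {
    thread: { ...thread, funcTable: [...thread.funcTable, ...copies] },
    oldFuncCount: thread.funcTable.length,
    addedFuncCount: copies.length,
  };
}

// "Collapse <resource> >> Focus on <resource>": both transforms store the
// reserved func index that was valid when the stack was created.
function buildTransforms(thread, resourceIndex) {
  const { collapsedFuncIndexForResource } = reserveCollapsedResourceFuncs(thread);
  const collapsed = collapsedFuncIndexForResource(resourceIndex);
  return [
    { type: 'collapse-resource', resourceIndex, collapsedFuncIndex: collapsed },
    { type: 'focus-function', funcIndex: collapsed },
  ];
}

// Resolve the focus transform's func index against a thread's reserved table,
// i.e. which function the user is actually focused on for that thread.
function focusedFuncName(thread, transforms) {
  const { thread: withReserved } = reserveCollapsedResourceFuncs(thread);
  const focus = transforms.find((t) => t.type === 'focus-function');
  return withReserved.funcTable[focus.funcIndex];
}

// Mitigation (this example's own): an index at or beyond the pre-sanitization
// func count pointed into the reserved region, so shift it by the number of
// funcs sanitization appended and it lands on the same reserved function.
function remapTransforms(transforms, oldFuncCount, addedFuncCount) {
  const shift = (i) => (i >= oldFuncCount ? i + addedFuncCount : i);
  return transforms.map((t) => {
    switch (t.type) {
      case 'collapse-resource':
        return { ...t, collapsedFuncIndex: shift(t.collapsedFuncIndex) };
      case 'focus-function':
        return { ...t, funcIndex: shift(t.funcIndex) };
      default:
        return t;
    }
  });
}

// End-to-end reproduction: focus before sanitization, after sanitization with
// the stale transform stack, and after remapping the stack.
function demo() {
  const thread = makeThread();
  const xul = thread.resources.indexOf('libxul.so');
  const transforms = buildTransforms(thread, xul);
  const before = focusedFuncName(thread, transforms);

  // Funcs 1 and 2 are taken to be used by both private and non-private frames.
  const { thread: sanitized, oldFuncCount, addedFuncCount } = sanitizeThread(thread, [1, 2]);
  const afterUnfixed = focusedFuncName(sanitized, transforms);
  const afterRemapped = focusedFuncName(
    sanitized,
    remapTransforms(transforms, oldFuncCount, addedFuncCount)
  );
  return { before, afterUnfixed, afterRemapped };
}

console.log(demo());
```

Running demo() shows the focus landing on one of the appended "(private)" copies after sanitization, and returning to the collapsed libxul.so function once the transform indexes are remapped. The second concern in the issue, a focus on a function that is itself split into private and non-private copies, is not modelled here.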

Labels

bug: Very important to fix, typically this means that the tool is broken or lying
data transform: Call tree transformations, e.g. Merge Function, Focus function
privacy: Data sanitization, and privacy concerns
