From: Christian Weisgerber
To: gecko@freebsd.org
Date: Fri, 28 Jan 2011 23:06:45 +0100
Subject: Firefox unaligned access fix
Message-ID: <20110128220645.GA95904@lorvorc.mips.inka.de>
List-Id: Gecko Rendering Engine issues

I think we want this fix for Firefox 3.5/3.6 and related ports:

https://hg.mozilla.org/mozilla-central/raw-rev/e8207773d54d

Now, I don't have a sparc64 running FreeBSD, but this is hardly OS
dependent and on OpenBSD/sparc64 I see crashes with SIGBUS when
accessing http://www.heise.de/netze/

Something on that page causes parsing of a malformed(?) ICC profile
which causes this unaligned access:

#0  0x000000021207cd68 in read_u32 (mem=0xfffffffffffd22f0, offset=535) at iccread.c:90
90              return be32_to_cpu(*(__be32*)(mem->buf + offset));
(gdb) p mem->buf + offset
$1 = (const unsigned char *) 0x2258f85b7 "XYZ "
(gdb) bt
#0  0x000000021207cd68 in read_u32 (mem=0xfffffffffffd22f0, offset=535) at iccread.c:90
#1  0x000000021207cee0 in read_tag_XYZType (src=0xfffffffffffd22f0, index= {count = 17, tags = 0x225692100}, tag_id=Variable "tag_id" is not available.
) at iccread.c:322
#2  0x000000021207d6b8 in qcms_profile_from_memory (mem=Variable "mem" is not available.
) at iccread.c:708
#3  0x0000000210d28250 in nsJPEGDecoder::ProcessData (this=0x200a4f800, data=0x209c18ff8 "\002*5*h*\233*+\002+6+i+\235+,\005,9,n,,-\f-A-v--.\026.L.\202../$/Z/\221//050l001\0221J1\202112*2c2\23323\r3F3\177334+4e4\23645\0235M5\20755676r667$7`7\23478\0248P8\21489\0059B9\17799:6:t::;-;k;;<' >`>>?!?a??@#@d@"..., count=4096, writeCount=0xfffffffffffd27c8) at nsJPEGDecoder.cpp:339
[...]

-- 
Christian "naddy" Weisgerber                          naddy@mips.inka.de
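
An alignment-safe form of the big-endian read that faults in frame #0 above, as an added example that is not part of the original message and not taken from the linked Mozilla changeset. The struct layout, the `valid` flag and the function names are assumptions, and the sample buffer is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the parser's input descriptor. */
struct mem_source {
    const unsigned char *buf;
    size_t size;
    int valid;              /* cleared on any out-of-range read */
};

/*
 * Read a big-endian u32 at an arbitrary byte offset. The bytes are
 * assembled one at a time, so no 4-byte load is ever issued on a
 * misaligned address (the cause of SIGBUS on strict-alignment CPUs
 * such as sparc64). The range check is written to avoid overflow.
 */
static uint32_t read_u32_safe(struct mem_source *mem, size_t offset)
{
    const unsigned char *p;

    if (mem->size < 4 || offset > mem->size - 4) {
        mem->valid = 0;
        return 0;
    }
    p = mem->buf + offset;
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Constructed sample: an "XYZ " type signature at odd offset 7,
 * mirroring the odd offset (535) seen in the backtrace. */
static uint32_t demo_read_at(size_t offset, int *valid_out)
{
    static const unsigned char sample[16] = {
        0, 0, 0, 0, 0, 0, 0, 'X', 'Y', 'Z', ' ', 0, 0, 0, 0, 0
    };
    struct mem_source src = { sample, sizeof(sample), 1 };
    uint32_t v = read_u32_safe(&src, offset);

    *valid_out = src.valid;
    return v;
}

int main(void)
{
    int ok;
    uint32_t v = demo_read_at(7, &ok);   /* misaligned but in range */
    printf("offset 7:  0x%08x valid=%d\n", (unsigned)v, ok);
    v = demo_read_at(13, &ok);           /* would run past the buffer */
    printf("offset 13: 0x%08x valid=%d\n", (unsigned)v, ok);
    return 0;
}
```

Because offsets in an ICC tag table come from the file itself, any fixed-width read in such a parser has to tolerate both odd offsets and offsets near the end of the buffer.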