Fl0wer.png.html

I've had similar experiences with graphical corruption in X, and Firefox was almost always involved. Same radeon driver as you. And it seems to be distro-agnostic: I've seen it with Arch, Gentoo and Mint. All I know is that it's a recent thing: if I run an older version of my Gentoo build, it doesn't happen. But otherwise I see the same results.

I have no idea what to point to, because it's really weird. Scrambles /everything/ that goes through video. (And until now, I figured it was a quirk of my bizarre hardware. Guess not.)

I tried zooming in and out in Chrome on Windows 7, and it crashed my NVIDIA kernel mode driver.

Hm. Interesting. Using binary graphics drivers (nvidia et al)? Maybe something corrupted memory. Did it survive even a restart?

In Arch / Chromium / Intel card, and after starting Chromium disabling the webgl graphic cards blacklist, it just shuts my monitor down and I have to reboot.

My considered opinion (from the industry) is that its really shocking how under-invested-in the drivers are.

If a fraction of the effort that went into making the card went into making the drivers and maintaining and fixing them, we'd all be massively better off.

FYI, NoScript has a "Forbid WebGL" option which lets you selectively allow it in the same way it does with Flash, Java and SilverLight.

In some cases, it's even worse. Low end netbooks running Chrome will load the page and then the entire machine locks up as the WebGL starts rendering and takes over the weak GPU. Easy way of DOSing someone is to send them a WebGL link if they're on a weak computer.

This can't be used for XSS or the like, really. The way it works is that the PNG is first interpreted as HTML by the browser (hence the filename) and then it loads itself into an image tag, causing it to be interpreted as a PNG. Once it's loaded into the image tag, the image is drawn to a canvas so that the code -- embedded in the PNG -- can be extracted and executed.

While fun, the only real security concern here is that it's really good at pissing off IDSes.

Edit: I linked my article describing the technique in another comment here if you want to see how horrible it really is. I'm always both proud of and disgusted by myself for this technique.

If viewing a web page crashes your OS, seriously, you need to take that crap back and get a refund.

This didn't crash my mac entirely. don't avoid.

Same here. Had to reboot.

What browser are you using? Worked fine for me on Chrome.

It worked OK using latest stable Chrome on OS X 10.6.8

Worked great on my mac.

OS X 10.7.3 Safari 5.1.5 here and had no problems.

Granted it didn't work... No hangs or crashes though.

Worked great here using Ubuntu 12.04/Firefox 12 on my Thinkpad T420 with integrated Intel graphics only.

>Ubuntu

There's your problem. Are you using an ATI card, by the way?

Make sure you have restricted drivers installed. If you're using an ATI card you'll have to do the further step of going to about:flags in Chrome and making it ignore the software rendering blacklist.

There's an option in the Develop menu to enable WebGL, but even with that on this doesn't work.

Works in Chrome/Windows.

What kind of crappy online editor are you using that doesn't save continuously?

Works for me. And I have exactly the same version as you. (But I am running Xubuntu if that matters).

18.0.1025.151 (Developer Build 130497 Linux) Ubuntu 12.04

For this kind of bug you should specify your graphics module, GLX setup, etc...

Works for me on Chrome 18.0.1025.162/Ubuntu 11.04

Note: Chrome, not Chromium.

Same here.