Closed Bug 212051 Opened 17 years ago Closed 17 years ago

browser crashes on mozillazine forum thread with .jng-avatar

Categories

(Core :: ImageLib, defect, critical)

x86
Windows 2000
defect
Not set
critical

Tracking

()

VERIFIED DUPLICATE of bug 196670

People

(Reporter: enpontus, Assigned: glennrp+bmo)

References

()

Details

(Keywords: crash, stackwanted, Whiteboard: TB21706624E)

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624

Mozilla immediately crashes when i try to visit a special thread at mozillazine



Reproducible: Always

Steps to Reproduce:
1.Start Mozilla 1.4
2.goto
http://forums.mozillazine.org/viewtopic.php?t=15145&sid=6f8ea6d68e877200eb9674dd45a043d9
3.hello talkback window

Actual Results:  
kabooom!

Expected Results:  
shown the thread peacefully

more people are seeing this (cf.
http://forums.mozillazine.org/viewtopic.php?t=15281)
Crash talkback data
TB21706624E
TB1706565Q
TB21706535Y
belongs to this one
Confirmed using Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4)
Gecko/20030624

However, the page does work when using Firebird - Mozilla/5.0 (Windows; U;
Windows NT 5.0; en-US; rv:1.4b) Gecko/20030523 Mozilla Firebird/0.6
Also Netscape 7.1 crashes on this link
Crash data TB21713132Q
Sev->Critical for crashes
Marking new based on various confirming comments
Severity: normal → critical
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: crash
http://pmt.sf.net/opossum/opossum.jng is the avatar of galapogos,
so it´s a dupe of Bug 212042 Mozilla 1.4 crashes when viewing transparent JPEG

I didn´t see this crash, using win98SE
I´m duping bug 212042 to here, because here is talkback data.
Win2000 only ?
Summary: browser crashes on mozillazine forum thread → browser crashes on mozillazine forum thread with .jng-avatar
*** Bug 212042 has been marked as a duplicate of this bug. ***
Keywords: stackwanted
Whiteboard: TB21706624E
Works (i.e. no crash) on Linux Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4)
Gecko/20030703
Actually, to be precise, the JNG belongs to GlennRP not Galapogos. Thing is, I
can successfully view the page that contains the JNG avatar image of GlennRP's
in Mozillazine using Firebird [Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US;
rv:1.4b) Gecko/20030523 Mozilla Firebird/0.6], but when I go to the image
mentioned in bug 212042 (http://mozilla.linuxfaqs.de/darst-data/fish.jng),
Firebird will crash. Weird!
Sorry, I too was wondering why it didn´t crash earlier as Galapogos has more
than 300 postings. It´s not Galapogos, it was the posting below, that of GlennRP.

previous post was on Win98SE, with lots of RAM, and no crash, all links rendered
fine:
http://pmt.sf.net/opossum/opossum.jng
http://mozilla.linuxfaqs.de/darst-data/fish.jng
http://mozilla.linuxfaqs.de/graphics


now on Win98: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.4) Gecko/20030624
http://pmt.sf.net/opossum/opossum.jng  is rendered as source code, but the code
from mouzillazine is displayed:
<img src="http://pmt.sf.net/opossum/opossum.jng" alt="" border="0" /> 
but when I rightclick on that image: view image, it is also shown as source code
Confirmed CRASH! running through the JNG test suite!
http://www.libmng.com/JNGsuite/

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624
-> Imagelib

(wontfix because MNG is removed ?)
Assignee: general → jdunn
Component: Browser-General → ImageLib
QA Contact: general → tpreston
I removed the avatar from GlennRP's profile.  There is a copy at
http://pmt.sf.net/opossum/ for those who want to experience the crash.

I'm not observing a crash with
Mozilla/5.0 (Windows; U; Win95; en-US; rv:1.4) Gecko/20030624

Accepting bug.
Status: NEW → ASSIGNED
Reassigning bug to myself.
Assignee: jdunn → randeg
Status: ASSIGNED → NEW
Updating URL, because the avatar is gone from mozillazine.
Status: NEW → ASSIGNED
Trace from TB21706624E:
mng_add_chunk
[d:/builds/seamonkey/mozilla/modules/libimg/mng/libmng_chunk_prc.c, line 83]
read_chunk [d:/builds/seamonkey/mozilla/modules/libimg/mng/libmng_read.c, line 564]
read_chunk [d:/builds/seamonkey/mozilla/modules/libimg/mng/libmng_read.c, line 564]
mng_read_graphic [d:/builds/seamonkey/mozilla/modules/libimg/mng/libmng_read.c,
line 703]
mng_display_resume
[d:/builds/seamonkey/mozilla/modules/libimg/mng/libmng_hlapi.c, line 2006]
imgContainerMNG::WriteMNG
[d:/builds/seamonkey/mozilla/modules/libpr0n/decoders/mng/imgContainerMNG.cpp,
line 575]
nsMNGDecoder::WriteFrom
[d:/builds/seamonkey/mozilla/modules/libpr0n/decoders/mng/nsMNGDecoder.cpp, line 90]
imgRequest::OnDataAvailable
[d:/builds/seamonkey/mozilla/modules/libpr0n/src/imgRequest.cpp, line 799]
ProxyListener::OnDataAvailable
[d:/builds/seamonkey/mozilla/modules/libpr0n/src/imgLoader.cpp, line 895]
nsStreamListenerTee::OnDataAvailable
[d:/builds/seamonkey/mozilla/netwerk/base/src/nsStreamListenerTee.cpp, line 98]
nsHttpChannel::OnDataAvailable
[d:/builds/seamonkey/mozilla/netwerk/protocol/http/src/nsHttpChannel.cpp, line 3275]
nsInputStreamPump::OnStateTransfer
[d:/builds/seamonkey/mozilla/netwerk/base/src/nsInputStreamPump.cpp, line 421]
nsInputStreamPump::OnInputStreamReady
[d:/builds/seamonkey/mozilla/netwerk/base/src/nsInputStreamPump.cpp, line 322]
nsInputStreamReadyEvent::EventHandler
[d:/builds/seamonkey/mozilla/xpcom/io/nsStreamUtils.cpp, line 117]
PL_HandleEvent [d:/builds/seamonkey/mozilla/xpcom/threads/plevent.c, line 660]
PL_ProcessPendingEvents [d:/builds/seamonkey/mozilla/xpcom/threads/plevent.c,
line 596]
_md_EventReceiverProc [d:/builds/seamonkey/mozilla/xpcom/threads/plevent.c, line
1396]
nsAppShellService::Run
[d:/builds/seamonkey/mozilla/xpfe/appshell/src/nsAppShellService.cpp, line 479]
main1 [d:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1284]
main [d:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1650]
WinMain [d:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1672]
WinMainCRTStartup()
KERNEL32.dll + 0x2847c (0x77ea847c) 

*** This bug has been marked as a duplicate of 196670 ***
Status: ASSIGNED → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.