BUILD: 2001-04-17-08

STEPS TO REPRODUCE:
1) "setenv MOZ_VALIDATE_HTML 1" or equivalent
2) Run mozilla
3) open view source and crash

Here's what's going on:

We are using the parser context passed to CViewSourceHTML::WillBuildModel to initialize mValidator (http://lxr.mozilla.org/seamonkey/source/htmlparser/src/nsViewSourceHTML.cpp#439):

mValidator=aParserContext.mValidator;

The parser context gets its value of mValidator in http://lxr.mozilla.org/seamonkey/source/htmlparser/src/nsParser.cpp#1048

The value is set in GetSharedObjects(), which just creates and returns a new CSharedParserObjects object. The constructor for this object does not set mOtherDTD to null, and that pointer eventually becomes mValidator in view source and is dereferenced, causing a segmentation violation.

Attaching a patch that properly sets the pointer to null in the constructor.
Keywords: crash, patch, review
Created attachment 31265: another patch, moving the initializations to a better place
Assignee: harishd → bzbarsky
Keywords: review → approval
The checkin for bug 69455 fixed this among other things. The pointer is now properly initialized in the constructor. Marking fixed.
Status: NEW → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → FIXED
Verified on:
build: 2001-05-21-11-Mtrunk
platform: WinNT

Marking it verified as per above developer comments.
Status: RESOLVED → VERIFIED
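
The pointer hand-off described in the report (shared objects, then parser context, then view source), as an added C++ example that is not the Mozilla code or the attached patch. All type and function names are hypothetical stand-ins, and the null check in the consumer is an assumption about how the pointer is used.

```cpp
// Hypothetical stand-ins for the classes named in the report; not Mozilla code.
struct Validator {
    int validated = 0;
    void Validate() { ++validated; }
};

// "Before" shape: the constructor never sets other_dtd, so the member holds
// whatever bytes were in the allocation. Shown for contrast only; never read.
struct SharedObjectsBefore {
    Validator* other_dtd;
    SharedObjectsBefore() {}
};

// "After" shape: a default member initializer guarantees null on every
// constructor path, including constructors added later.
struct SharedObjects {
    Validator* other_dtd = nullptr;
};

// The context copies the pointer out of the shared objects.
struct ParserContext {
    Validator* validator;
    explicit ParserContext(const SharedObjects& shared)
        : validator(shared.other_dtd) {}
};

class ViewSource {
    Validator* validator_ = nullptr;
public:
    void WillBuildModel(const ParserContext& ctx) { validator_ = ctx.validator; }
    // Assumption: the consumer null-checks, which makes null a safe default.
    bool HandleToken() {
        if (!validator_) return false;
        validator_->Validate();
        return true;
    }
};

// Feeds `tokens` tokens through the chain; returns how many were validated.
int run_view_source(Validator* installed, int tokens) {
    SharedObjects shared;
    shared.other_dtd = installed;  // stays null when no validator is installed
    ParserContext ctx(shared);
    ViewSource sink;
    sink.WillBuildModel(ctx);
    int handled = 0;
    for (int i = 0; i < tokens; ++i) handled += sink.HandleToken() ? 1 : 0;
    return handled;
}
```

GCC's `-Weffc++` and the clang-tidy check `cppcoreguidelines-pro-type-member-init` flag constructors shaped like `SharedObjectsBefore`.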