Renderer Process Crashes in Print Preview Popup Due to Null Return in…

… GetFrame() During Execution. If a web page has a button that triggers a print preview popup, and when the popup appears, clicking the refresh button causes the Renderer process to crash. If loading_for_print_ is true, GetFrame()->Client()->DispatchDidFinishLoadForPrinting() that after the execution is completed, there is a possibility of GetFrame() returning null. So after this, it is necessary to determine whether it is empty. If it is empty, false should be returned. Bug: 1478487 Change-Id: Ieac77cba80f7c0115dfaea1c0dc3731a5b30dd2e Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4835376 Reviewed-by: Daniel Cheng <[email protected]> Reviewed-by: Nate Chapin <[email protected]> Reviewed-by: Chris Harrelson <[email protected]> Commit-Queue: Nate Chapin <[email protected]> Cr-Commit-Position: refs/heads/main@{#1194228}
Tobias710219 · Sep 8, 2023 · 50d901d · 50d901d
1 parent e9c64da
commit 50d901d
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 0 deletions.
diff --git a/lint.ignore b/lint.ignore
@@ -214,6 +214,7 @@ SET TIMEOUT: performance-timeline/resources/navigation-id-detached-frame-page.ht
 SET TIMEOUT: portals/resources/portals-adopt-predecessor-portal.html
 SET TIMEOUT: preload/single-download-preload.html
 SET TIMEOUT: preload/resources/slow-exec.js
+SET TIMEOUT: print/crashtests/reload-crash.html
 SET TIMEOUT: resize-observer/resources/iframe.html
 SET TIMEOUT: resource-timing/resources/nested-contexts.js
 SET TIMEOUT: reporting/resources/first-csp-report.https.sub.html

diff --git a/print/crashtests/reload-crash.html b/print/crashtests/reload-crash.html
@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <link rel="author" title="Chenguang Shao" href="[email protected]">
+        <link rel="help" href="https://bugs.chromium.org/p/chromium/issues/detail?id=1478487">
+        <title>Reload Crash Test</title>
+        <script>
+            function PrintAndRefreshPage() {
+                var queryParams = new URLSearchParams(window.location.search);
+                var isFirstLoad = queryParams.get('isFirstLoad');
+                if (isFirstLoad === null) {
+                    window.print();
+                    setTimeout(function() {
+                        var url = window.location.href;
+                        var updatedUrl = url + '?isFirstLoad=false';
+                        window.location.href = updatedUrl;
+                    },
+                    0);
+                }
+            }
+        </script>
+    </head>
+    <body onload="PrintAndRefreshPage()">
+        <p>The pop-up print preview box is for refreshing the page</p>
+        <image id="image" loading="lazy" src="test.png"></image>
+    </body>
+</html>