Should not finish tests while printing.

Reported by cluster-fuzz: https://cluster-fuzz.appspot.com/testcase?key=6475256993153024 While blink::LocalDOMWindow::print, content_shell might finish loading some resource (mainly ImageResource). In this case, - test_runner::WebTestProxyBase::DidFinishResourceLoad will be invoked. - test_runner::WebTestProxyBase::CheckOne will be invoked. - Since all pending resources were loaded, will start CaptureDump. - blink::LocalFrame::setPrinting will be invoked. So we should not do CaptureDump while printing. BUG=539689 TEST=third_party/WebKit/LayoutTests/printing/finish-loading-while-printing-crash.html Review URL: https://codereview.chromium.org/1411243006 Cr-Commit-Position: refs/heads/master@{#356233}
author: tasak <tasak@google.com> 2015-10-26 20:29:45 -0700
committer: Commit bot <commit-bot@chromium.org> 2015-10-27 03:30:35 +0000
commit: 5d9a5a8c009a722f06051940345dc849612195bc (patch)
tree: 4344c95438db04f387261efe2b68c1764833a274
parent: 41826031a78af14dc53ab525f01aa0613bef44f9 (diff)
download: chromium_src-5d9a5a8c009a722f06051940345dc849612195bc.zip
chromium_src-5d9a5a8c009a722f06051940345dc849612195bc.tar.gz
chromium_src-5d9a5a8c009a722f06051940345dc849612195bc.tar.bz2
5 files changed, 29 insertions, 1 deletions
diff --git a/components/test_runner/web_test_proxy.cc b/components/test_runner/web_test_proxy.cc
index be90a68..227f6ef 100644
--- a/components/test_runner/web_test_proxy.cc
+++ b/components/test_runner/web_test_proxy.cc
@@ -1351,7 +1351,8 @@ void WebTestProxyBase::CheckDone(blink::WebLocalFrame* frame,
   if (frame != test_interfaces_->GetTestRunner()->topLoadingFrame())
     return;
   if (reason != MainResourceLoadFailed &&
-      (frame->isResourceLoadInProgress() || frame->isLoading()))
+      (frame->isResourceLoadInProgress() || frame->isLoading() ||
+       frame->isPrinting()))
     return;
   test_interfaces_->GetTestRunner()->setTopLoadingFrame(frame, true);
 }
diff --git a/third_party/WebKit/LayoutTests/printing/finish-loading-while-printing-crash-expected.html b/third_party/WebKit/LayoutTests/printing/finish-loading-while-printing-crash-expected.html
new file mode 100644
index 0000000..0e3344e
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/printing/finish-loading-while-printing-crash-expected.html
@@ -0,0 +1,5 @@
+<!DOCTYPE html>
+<dialog
+   <form>
+     <input src="data:image/gif;base64,R0lGODdhAgACAIABAAAAAP///ywAAAAAAgACAAACA0QCBQA7" type="image"/>
+</dialog>
diff --git a/third_party/WebKit/LayoutTests/printing/finish-loading-while-printing-crash.html b/third_party/WebKit/LayoutTests/printing/finish-loading-while-printing-crash.html
new file mode 100644
index 0000000..b65a8d8
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/printing/finish-loading-while-printing-crash.html
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<dialog
+   <form>
+     <!-- Any valid image encoded to data URL will do. -->
+     <!-- The important thing is that some valid image is loaded while -->
+     <!-- layout caused by print. -->
+     <!-- This causes test_runner to do WebTestProxyBase::checkDone. -->
+     <!-- If test_runner judges that the test is finished, CaptureDump -->
+     <!-- will be invoked and updateLayout will be invoked. -->
+     <!-- Since layout is running, the updateLayout causes crash. -->
+     <input src="data:image/gif;base64,R0lGODdhAgACAIABAAAAAP///ywAAAAAAgACAAACA0QCBQA7" type="image"/>
+</dialog>
+<!-- test for issue 539689: should not capture dump while printing. -->
+<!-- PASS if no crash occurs. -->
+<script>
+if (window.testRunner)
+    testRunner.setPrinting();
+print();
+</script>
diff --git a/third_party/WebKit/Source/web/WebLocalFrameImpl.h b/third_party/WebKit/Source/web/WebLocalFrameImpl.h
index afb6358..7d89f79 100644
--- a/third_party/WebKit/Source/web/WebLocalFrameImpl.h
+++ b/third_party/WebKit/Source/web/WebLocalFrameImpl.h
@@ -186,6 +186,7 @@ public:
     void printEnd() override;
     bool isPrintScalingDisabledForPlugin(const WebNode&) override;
     bool getPrintPresetOptionsForPlugin(const WebNode&, WebPrintPresetOptions*) override;
+    bool isPrinting() const override { return !!m_printContext; }
     bool hasCustomPageSizeStyle(int pageIndex) override;
     bool isPageBoxVisible(int pageIndex) override;
     void pageSizeAndMarginsInPixels(
diff --git a/third_party/WebKit/public/web/WebLocalFrame.h b/third_party/WebKit/public/web/WebLocalFrame.h
index e2bfa20..4939c93 100644
--- a/third_party/WebKit/public/web/WebLocalFrame.h
+++ b/third_party/WebKit/public/web/WebLocalFrame.h
@@ -117,6 +117,8 @@ public:
 
     // Returns true on success and sets the out parameter to the print preset options for the document.
     virtual bool getPrintPresetOptionsForPlugin(const WebNode&, WebPrintPresetOptions*) = 0;
+    // Returns true if not printing this frame.
+    virtual bool isPrinting() const = 0;
 
 
     // Scripting --------------------------------------------------------------
author	tasak <tasak@google.com>	2015-10-26 20:29:45 -0700
committer	Commit bot <commit-bot@chromium.org>	2015-10-27 03:30:35 +0000
commit	5d9a5a8c009a722f06051940345dc849612195bc (patch)
tree	4344c95438db04f387261efe2b68c1764833a274
parent	41826031a78af14dc53ab525f01aa0613bef44f9 (diff)
download	chromium_src-5d9a5a8c009a722f06051940345dc849612195bc.zip chromium_src-5d9a5a8c009a722f06051940345dc849612195bc.tar.gz chromium_src-5d9a5a8c009a722f06051940345dc849612195bc.tar.bz2