Cromite crashes on print preview on windows 11

[tdlbugreport]

Preliminary checklist

• I have read the README.
• I have searched the existing issues for my problem. This is a new ticket, NOT a duplicate or related to another open issue.
• I have read the FAQs.
• I have updated Cromite to the latest version. The bug is reproducible on this latest version.
• This is a bug report about the Cromite browser; not the website nor F-Droid nor anything else.

Can the bug be reproduced with corresponding Chromium version?

No

Are you sure?

No

Cromite version

132.0.6834.122

Device architecture

windows

Platform version

Windows 11

Android Device model

Not android

Is the device rooted?

No

Changed flags

nothing

Is this bug happening ONLY in an incognito tab?

No

Is this bug caused by the adblocker?

No

Is this bug a crash?

Yes, but i cannot attach the dump. current chrome://crashes's "Save Now" button isn't working and also crashes on "Generate Report" button pressing (i assume it's using same printing service?)

Please let me know if i can find crash dump from path of some other location.

Describe the bug

Well, it just imminently crashes. nuking my all unsaved incognito pages :(

Steps to reproduce the bug

1. Try to print any page with Ctrl+P. (e.g. this github issue page.)
2. Cromite imminently crashes.

Expected behavior

Does not crash, make user to print things.

Screenshots

No response

[uazo]

Please let me know if i can find crash dump from path of some other location.

under User Data\Crashpad\reports

[uazo]

this is the stack of your dumps:

chrome_elf.dll!crash_reporter::DumpWithoutCrashing(void)
chrome.dll!base::debug::DumpWithoutCrashing(class base::Location const &,class base::TimeDelta)
chrome.dll!?RegisterMessages@CrashesDOMHandler@?A0x1ED5FCEE@@UEAAXXZ.b32caab229849392f4bf3a96a7f71dfb()
chrome.dll!base::TaskAnnotator::RunTaskImpl(struct base::PendingTask &)
chrome.dll!base::internal::TaskTracker::RunAndPopNextTask(class base::internal::RegisteredTaskSource)
chrome.dll!base::internal::TaskTracker::RunAndPopNextTask(class base::internal::RegisteredTaskSource)
chrome.dll!std::__Cr::__tree<struct std::__Cr::__value_type<class std::__Cr::basic_string<char,struct std::__Cr::char_traits<char>,class std::__Cr::allocator<char> >,class base::Value>,class std::__Cr::__map_value_compare<class std::__Cr::basic_string<char,struct std::__Cr::char_traits<char>,class std::__Cr::allocator<char> >,struct std::__Cr::__value_type<class std::__Cr::basic_string<char,struct std::__Cr::char_traits<char>,class std::__Cr::allocator<char> >,class base::Value>,struct std::__Cr::less<void>,1>,class std::__Cr::allocator<struct std::__Cr::__value_type<class std::__Cr::basic_string<char,struct std::__Cr::char_traits<char>,class std::__Cr::allocator<char> >,class base::Value> > >::destroy(class std::__Cr::__tree_node<struct std::__Cr::__value_type<class std::__Cr::basic_string<char,struct std::__Cr::char_traits<char>,class std::__Cr::allocator<char> >,class base::Value>,void *> *)
chrome.dll!base::internal::WorkerThread::ThreadMain(void)
chrome.dll!autofill::rationalization::ApplyRationalizationEngineRules(struct autofill::ParsingContext &,class std::__Cr::vector<class std::__Cr::unique_ptr<class autofill::AutofillField,struct std::__Cr::default_delete<class autofill::AutofillField> >,class std::__Cr::allocator<class std::__Cr::unique_ptr<class autofill::AutofillField,struct std::__Cr::default_delete<class autofill::AutofillField> > > > const &,class autofill::LogManager *)
[Frames may be missing, no binary loaded for KERNEL32.DLL]
KERNEL32.DLL!00007fffd13f7e94()

I guess you pressed the ‘generate report’ button in chrome://crashes, but this is not correct.

try deleting the contents of User Data\Crashpad\reports and try crashing cromite, if there is a new file in that directory is what I need.

[uazo]

I have to ask you to redo it with the latest version (not 131.0.6778.140), as I don't have free space on the server (and not even this available) , I only keep the files needed to extract the stack of the latest version because they are too big (a few tens of gigs).

[uazo]

stack trace:

00000034`1cffc2e8 00007ffa`36114886     : 000001d6`cf01a0c0 00000000`00000000 00000000`00000000 00000000`00000000 : 0x000001d6`cf050000
00000034`1cffc2f0 00007ffa`362d5119     : 000001d6`c55a8200 00000000`00000000 000001d6`cf01a0c0 000001d6`c55ab8d0 : jscript9Legacy!amd64_CallFunction+0x86
00000034`1cffc340 00007ffa`362d557a     : 000001d6`cf01a0c0 00007ffa`361146c0 00000034`1cffc3f0 00007ffa`362d5401 : jscript9Legacy!Js::JavascriptFunction::CallFunction<1>+0x69
00000034`1cffc390 00007ffa`362d5457     : 000001d6`cf01a0c0 00000034`1cffc4b0 000001d6`c55ab8d0 000001d6`c55ab8d0 : jscript9Legacy!Js::JavascriptFunction::CallRootFunctionInternal+0x10a
00000034`1cffc460 00007ffa`36190978     : 000001d6`cf01a0c0 00000034`1cffc510 000001d6`c55ab8d0 00007ffa`00000000 : jscript9Legacy!Js::JavascriptFunction::CallRootFunction+0x73
00000034`1cffc4d0 00007ffa`36191f46     : 000001d6`cf01a0c0 00000034`1cffc570 00000000`00000000 00000034`1cffc558 : jscript9Legacy!ScriptSite::CallRootFunction+0x70
00000034`1cffc530 00007ffa`36187049     : 000001d6`c55a46c0 000001d6`cf01a0c0 00000034`1cffc638 00000000`00000000 : jscript9Legacy!ScriptSite::Execute+0x18a
00000034`1cffc5c0 00007ffa`3618f466     : 000001d6`c55a7dd0 00000000`00000000 00000000`00000000 00007ffa`392d47c8 : jscript9Legacy!ScriptEngine::ExecutePendingScripts+0x1f1
00000034`1cffc6d0 00007ffa`391921c9     : 000001d6`c55a7e00 000001d6`00000001 00000000`00000000 000001d6`c55964e0 : jscript9Legacy!ScriptEngine::SetScriptState+0x166
00000034`1cffc710 00007ffa`390f37af     : 00000000`00000000 000001d6`c559f3a0 000001d6`c559f3f8 000001d6`c5782d40 : PrintConfig!JScriptLib::CJScriptHost::Parse+0xb9
00000034`1cffc790 00007ffa`390f2bc9     : 000001d6`c559f3a0 000001d6`c55a1900 000001d6`c559f2a0 000001d6`c55a1900 : PrintConfig!PrintConfig::CJScriptSite::Initialize+0x8f
00000034`1cffc7c0 00007ffa`39128e4f     : 000001d6`c55a1900 00000034`1cffc940 000001d6`c559f3a0 000001d6`00000004 : PrintConfig!PrintConfig::CJScriptSite::Create+0x79
00000034`1cffc800 00007ffa`39125291     : 00000000`00000000 000001d6`c55a1900 00007ffa`3920bf00 00007ffa`3920bfe0 : PrintConfig!PSUI::CPrintTicketProvider::EnsureJScriptSite+0x8b
00000034`1cffc840 00007ffa`39124ef9     : 000001d6`c5ce4e90 000001d6`c559f250 000001d6`c559f250 000001d6`cf7264c0 : PrintConfig!UniDrvUI::CPrintTicketProvider::ConvertDevModeToPrintTicketInternal+0x361
00000034`1cffcd90 00007ffa`39149ac7     : 000001d6`c559f250 00000034`1cffce69 000001d6`c5ce4e90 000001d6`cf7264c0 : PrintConfig!UniDrvUI::CPrintTicketProvider::ConvertDevModeToPrintTicket+0x59
00000034`1cffcdc0 00007ffa`39147d93     : 00000003`00000000 000001d6`c5782d40 00000000`00000000 000001d6`00001534 : PrintConfig!UniDrvUI::PerformJScriptDevmodeValidation+0x45b
00000034`1cffcec0 00007ffa`391461ac     : 000001d6`c574b9e8 00000034`1cffd650 00000000`00001838 00000000`00000000 : PrintConfig!UniDrvUI::BFillCommonInfoDevmode+0x327
00000034`1cffcf60 00007ffa`391456c5     : 00000003`00000000 00000034`0000112c 00000000`00000010 00000000`00000000 : PrintConfig!UniDrvUI::LSimpleDocumentProperties+0x178
00000034`1cffcfd0 00007ffa`390455fd     : 00000034`1cffd570 00007ffa`39220d20 00000034`1cffd570 000001d6`c55a61e0 : PrintConfig!UniDrvUI::DrvDocumentPropertySheets+0x65
00000034`1cffd480 00007ffa`3905b8ed     : 00000000`00000001 00007ffa`39223d90 000001d6`c55a54b0 ffff81dc`8c38094c : PrintConfig!PrintConfig::DrvDocumentPropertySheets+0x11d
00000034`1cffd500 00007ffa`3905c3f3     : ffffffff`ffffffff 00000034`00000000 00007ffa`39020000 00000034`1cffd650 : PrintConfig!ExceptionBoundary<<lambda_ce41999e58d4ed069b2790d632f6e3b5> >+0x3d
00000034`1cffd550 00007ffa`6e8df6d0     : 00000000`00000000 00000034`1cffd650 00000000`ffffffff ffffffff`ffffffff : PrintConfig!DrvDocumentPropertySheets+0x53
00000034`1cffd5c0 00007ffa`6e8dbf7f     : 000001d6`c5782d40 00000000`00000002 00000034`1cffd680 00000000`00000000 : WINSPOOL!DocumentPropertySheets+0x520
00000034`1cffd620 00007ffa`6e8de5f6     : 000001d6`c5ccc580 000001d6`c5782d40 00000000`00000000 00000000`00000002 : WINSPOOL!DocumentPropertiesWNative+0x19b
00000034`1cffd6b0 00007ffa`27844c95     : 000001d6`c5782d40 00000000`00000002 00000034`1cffd9c0 00000034`1cffd790 : WINSPOOL!DocumentPropertiesW+0x166

your problem does not seem to be related to chromium, but rather to use jscript9legacy.dll within the printer driver.
I can't do anything about it, try to change or upgrade the driver

[tdlbugreport]

@uazo

all other chromium based browsers works just fine with printing, cromite is the only problematic one. im not sure if it's my "printer driver" fault, as that printer is just default pdf printer. i dont have any 3rd party printer drivers installed on my system.

[uazo]

I don't know what to tell you, the evidence is there.

[tdlbugreport]

I don't know what to tell you, the evidence is there.

again, if driver is the faulty one, why other chromium-based browsers are printing just fine with same driver?

my installation is just freash w11 ltsc one without any third party drivers. indeed crashing call stack seems to be happening at non-cromite module, maybe it can be crashing due to passing invalid params to them while most of other chromium browsers are sending correct ones.

[uazo]

try searching for information on the web, for example this is a bugid with a similar problem

https://issues.chromium.org/issues/339994760

[tdlbugreport]

try searching for information on the web, for example this is a bugid with a similar problem

https://issues.chromium.org/issues/339994760

thanks, but that seems to be already mitigated on chromium, also seems to be irrelevant with my issue as setting specified flag still crashes cromite.

Following footage is recorded directly on my PC. default flags.
Chromium 132.0.6834.160
Cromite 132.0.6834.163

bandicam.2025-02-04.17-40-54-921.mp4

As you can see, only cromite crashes despite both of them are placed at non-Program files location. according to that bug report, such bugs should occur when chromium is placed on non-Program Files folder.

Relevant cromite log

[11816:11748:0204/010101.877:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.877] Printer: EVENT: local_printer_handler_default.cc:188 Getting default printer in-process
[11816:11748:0204/010101.881:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.881] Printer: EVENT: local_printer_handler_default.cc:158 Default Printer: Microsoft Print to PDF
[11816:11748:0204/010101.886:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.887] Printer: EVENT: local_printer_handler_default.cc:216 Enumerate printers start in-process
[11816:11748:0204/010101.890:VERBOSE1:print_backend_win.cc(376)] Found 1 printers
[11816:11748:0204/010101.890:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.890] Printer: EVENT: local_printer_handler_default.cc:88 Enumerated 1 printer(s)
[11816:11748:0204/010101.890:VERBOSE1:print_preview_utils.cc(77)] Found printer Microsoft Print to PDF with device name Microsoft Print to PDF
[11816:11748:0204/010101.890:VERBOSE1:print_preview_utils.cc(256)] Enumerate printers finished, found 1 printers
[11816:11748:0204/010101.891:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.891] Printer: EVENT: local_printer_handler_default.cc:249 Getting printer capabilities in-process for Microsoft Print to PDF
[11816:11748:0204/010101.894:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.894] Printer: EVENT: local_printer_handler_default.cc:123 Got basic info for Microsoft Print to PDF
[11816:11748:0204/010101.894:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.894] Printer: EVENT: printer_capabilities.cc:219 Get printer capabilities start for Microsoft Print to PDF
[11816:11748:0204/010101.895:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.895] Printer: EVENT: printer_capabilities.cc:222 Driver info: Microsoft Print To PDF;10.0.26100.1882;10.0.26100.2454 (WinBuild.160101.0800);Microsoft® Windows® Operating System
// Crashed, no outputs

Chromium logs

[16616:15712:0204/010101.038:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.040] Printer: EVENT: print_view_manager_base.cc:1367 Starting content analysis
[16616:15712:0204/010101.038:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.040] Printer: EVENT: print_view_manager_base.cc:1367 Completed content analysis
[16616:15712:0204/010101.106:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.107] Printer: EVENT: local_printer_handler_default.cc:188 Getting default printer in-process
[16616:15712:0204/010101.110:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.110] Printer: EVENT: local_printer_handler_default.cc:158 Default Printer: Microsoft Print to PDF
[16616:15712:0204/010101.117:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.117] Printer: EVENT: local_printer_handler_default.cc:216 Enumerate printers start in-process
[16616:15712:0204/010101.121:VERBOSE1:print_backend_win.cc(376)] Found 1 printers
[16616:15712:0204/010101.121:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.121] Printer: EVENT: local_printer_handler_default.cc:88 Enumerated 1 printer(s)
[16616:15712:0204/010101.121:VERBOSE1:print_preview_utils.cc(77)] Found printer Microsoft Print to PDF with device name Microsoft Print to PDF
[16616:15712:0204/010101.121:VERBOSE1:print_preview_utils.cc(256)] Enumerate printers finished, found 1 printers
[16616:15712:0204/010101.123:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.123] Printer: EVENT: local_printer_handler_default.cc:249 Getting printer capabilities in-process for Microsoft Print to PDF
[16616:15712:0204/010101.125:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.126] Printer: EVENT: local_printer_handler_default.cc:123 Got basic info for Microsoft Print to PDF
[16616:15712:0204/010101.125:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.126] Printer: EVENT: printer_capabilities.cc:219 Get printer capabilities start for Microsoft Print to PDF
[16616:15712:0204/010101.126:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.126] Printer: EVENT: printer_capabilities.cc:222 Driver info: Microsoft Print To PDF;10.0.26100.1882;10.0.26100.2454 (WinBuild.160101.0800);Microsoft® Windows® Operating System
[16616:15712:0204/010101.245:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.245] Printer: EVENT: printer_capabilities.cc:230 Got printer capabilities for Microsoft Print to PDF
[16616:15712:0204/010101.245:WARNING:controller_impl.cc(1187)] Background download complete, client: 6, completion type: 0, file size:5184
[16616:15712:0204/010101.246:VERBOSE1:print_preview_handler.cc(1000)] Get printer capabilities finished
[16616:15712:0204/010101.260:VERBOSE1:print_preview_handler.cc(679)] Print preview request start
[16616:15712:0204/010101.260:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.260] Printer: EVENT: printer_query.cc:274 Updating paper printable area in-process for Microsoft Print to PDF
[16616:15712:0204/010101.283:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.283] Printer: EVENT: print_view_manager_base.cc:343 Paper printable area updated for vendor id 1
[16616:15712:0204/010101.317:VERBOSE1:device_event_log_impl.cc(203)] [01:01:01.317] Printer: EVENT: print_preview_ui.cc:970 Compositing for document type kPDF
// and goes on...

I really don't think this issue is on my end.

[uazo]

cromite has a more restrictive sandbox than chromium, that could be it.
Try running it without it, adding --no-sandbox among the command line.

[tdlbugreport]

cromite has a more restrictive sandbox than chromium, that could be it. Try running it without it, adding --no-sandbox among the command line.

That solved the issue, thanks. but shouldn't this be treated as actual bug, then?

[uazo]

if it is ‘the fault’ of sandox then it is by design.

but shouldn't this be treated as actual bug, then?

From my point of view, it is not a cromite bug.
and... do not disable the sandbox!

[tdlbugreport]

😂 only if i had other way to make printing work on w11 + cromite

guess i should use other browsers for printing, then. thanks again for your time :)

[uazo]

only if i had other way to make printing work on w11 + cromite

well, it would be interesting to understand which flag triggers that behaviour:

https://github.com/uazo/cromite/blob/master/build/patches/Improve-the-browser-sandbox.patch

• for kNetworkServiceSandbox --> https://chromeenterprise.google/policies/#NetworkServiceSandboxEnabled
• kNetworkServiceCodeIntegrity cannot be deactivated but:

// Enables pre-launch Code Integrity Guard (CIG) for Chrome network service
// process, when running on Windows 10 1511 and above. This has no effect if
// NetworkServiceSandbox feature is disabled, or if using a component or ASAN
// build. See https://blogs.windows.com/blog/tag/code-integrity-guard/.

so if you disable the first one, it will also be disabled.

[tdlbugreport]

hmm, just tried

chrome.exe --disable-features=NetworkService,NetworkServiceSandbox,NetworkServiceCodeIntegrity,CommittedOriginEnforcements,CommittedOriginTracking,UseBrowserCalculatedOrigin

still crashes on cromite.
but enabling them on chromium

chrome.exe --enable-features=NetworkService,NetworkServiceSandbox,NetworkServiceCodeIntegrity,CommittedOriginEnforcements,CommittedOriginTracking

does not crash.

seems like other sandbox feature is faulty.

please let me know if im missing some other flags that should be tested.

[uazo]

https://github.com/uazo/cromite?tab=readme-ov-file#enable-network-process-sandbox-in-windows

you probably miss this one.

[tdlbugreport]

enabling RendererAppContainer makes chromium unusable with "Aw, Crap!" "STATUS_ACCESS_DENIED" on any page load attempts, even on new tab page, so i skipped enabling that one.
it does not crashes on network process sandbox.

D:\Programs\Chrome-bin>icacls . /grant "*S-1-15-2-2:(OI)(CI)(RX)"
processed file: .
Successfully processed 1 files; Failed processing 0 files
// i confirmed it's enabled as
// 16280	Utility	Network Service	Network	None	Default
D:\Programs\Chrome-bin>chrome.exe --enable-features=NetworkService,NetworkServiceSandbox,NetworkServiceCodeIntegrity,CommittedOriginEnforcements,CommittedOriginTracking,UseBrowserCalculatedOrigin

cromite still crashes even after disabling RendererAppContainer.

D:\Programs\chrome-win>icacls . /remove "*S-1-15-2-2:(OI)(CI)(RX)"
Successfully processed 0 files; Failed processing 0 files

D:\Programs\chrome-win>icacls . /deny "*S-1-15-2-2:(OI)(CI)(RX)"
processed file: .
Successfully processed 1 files; Failed processing 0 files
// i confirmed it's disabled as 
// 7624 | Utility | Network Service | Not Sandboxed
D:\Programs\chrome-win>chrome.exe --disable-features=NetworkService,NetworkServiceSandbox,NetworkServiceCodeIntegrity,CommittedOriginEnforcements,CommittedOriginTracking,UseBrowserCalculatedOrigin,RendererAppContainer

any more flags to test on?