Bug 2368923
| Summary: | Chromium crashes with "SIGILL" when using the "ENTITIES HTML MathML Set" doctype in an XSLT stylesheet | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Max Chernoff <fedora> | ||||||
| Component: | chromium | Assignee: | Than Ngo <than> | ||||||
| Status: | MODIFIED --- | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
| Severity: | medium | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | 42 | CC: | pigpigman8686, spotrh, suraj.ghimire7, than, yaneti | ||||||
| Target Milestone: | --- | Keywords: | Desktop, Reopened | ||||||
| Target Release: | --- | ||||||||
| Hardware: | x86_64 | ||||||||
| OS: | Linux | ||||||||
| URL: | https://retrace.fedoraproject.org/faf/reports/bthash/ba91eeaaae72a196c8c67ee333b512a6a8cceac4 | ||||||||
| Whiteboard: | abrt_hash:ba91eeaaae72a196c8c67ee333b512a6a8cceac4;VARIANT_ID=workstation; | ||||||||
| Fixed In Version: | chromium-137.0.7151.103-1.fc42 chromium-137.0.7151.103-1.fc43 chromium-137.0.7151.103-1.fc41 | Doc Type: | --- | ||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2025-06-18 08:17:03 UTC | Type: | --- | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Attachments: |
|
||||||||
Created attachment 2091873 [details]
test.xml
Created attachment 2091874 [details]
test.xslt
FEDORA-2025-41bc291ca0 (chromium-137.0.7151.103-1.fc42) has been submitted as an update to Fedora 42. https://bodhi.fedoraproject.org/updates/FEDORA-2025-41bc291ca0 FEDORA-2025-aa9ea529fb (chromium-137.0.7151.103-1.fc41) has been submitted as an update to Fedora 41. https://bodhi.fedoraproject.org/updates/FEDORA-2025-aa9ea529fb I've installed FEDORA-2025-41bc291ca0, and it does fix the SIGILL crash, but documents loading the "ENTITIES HTML MathML Set" doctype are still broken. These are the console messages that I now get when opening the attached test document: ```log Unsafe attempt to load URL https://www.w3.org/2003/entities/2007/htmlmathml-f.ent from frame with URL http://localhost:8080/test.xml. Domains, protocols and ports must match. test.xslt:9 Entity 'mdash' not defined ``` FEDORA-2025-41bc291ca0 (chromium-137.0.7151.103-1.fc42) has been pushed to the Fedora 42 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2025-aa9ea529fb has been pushed to the Fedora 41 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-aa9ea529fb` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-aa9ea529fb See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2025-f42a0452b7 (chromium-137.0.7151.103-1.fc43) has been submitted as an update to Fedora 43. https://bodhi.fedoraproject.org/updates/FEDORA-2025-f42a0452b7 FEDORA-2025-f42a0452b7 (chromium-137.0.7151.103-1.fc43) has been pushed to the Fedora 43 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2025-aa9ea529fb (chromium-137.0.7151.103-1.fc41) has been pushed to the Fedora 41 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2025-3bbac57425 (cef-137.0.17^chromium137.0.7151.103-1.fc43) has been submitted as an update to Fedora 43. https://bodhi.fedoraproject.org/updates/FEDORA-2025-3bbac57425 FEDORA-2025-3bbac57425 (cef-137.0.17^chromium137.0.7151.103-1.fc43) has been pushed to the Fedora 43 stable repository. If problem still persists, please make note of it in this bug report. Is there a way to stop this issue from being automatically closed? As mentioned in https://bugzilla.redhat.com/show_bug.cgi?id=2368923#c5, I don't think that the issue is really fixed yet. Or is this considered to be fixed and I should instead open a new bug? |
When opening the attached XML file in Chromium, one of the processes crashes, giving an "Aw, Snap! Error code: SIGILL" error page. The XML file displays correctly in Firefox and in the Chrome Android app. Reproducible: Always Steps to Reproduce: 1. Launch a web server in a folder containing both attached files (note: `file://` does not work.) 2a. Open `text.xml` in Chromium. 3a. See "Aw, Snap! Error code: SIGILL". 2b. Open `text.xml` in Firefox. 3b. Everything is fine. Actual Results: A crash in Chromium. Expected Results: A page with only an em-dash. Additional Information: Running `gdb --args /usr/lib64/chromium-browser/chromium-browser --single-process` and then collecting the backtrace doesn't give anything useful, despite having the necessary debuginfo packages installed. However, abrt/retrace works correctly, and shows both libxml and Chromium in the stack traces. ```console $ rpm --query --queryformat='%{NAME}\t%{VERSION}\n' chromium libxml2 | column --table chromium 136.0.7103.113 libxml2 2.12.10 ```