Clusterfuzz: Can't send XHR with 3GB POST request body
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6311272557314048

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_ubsan_vptr_chrome
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  count <= MaxElementCountInBackingStore<T>() in partition_allocator.h
  blink::XMLHttpRequest::send
  blink::V8XMLHttpRequest::SendMethodCallback

Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_vptr_chrome&range=488740:489609

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6311272557314048

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for instructions to reproduce this bug locally.
Dec 15
The JavaScript tries to send an XHR with ~3GB (or 1~2GB?) of POST data and crashes due to the limit on the maximum memory allocation size (~2GB). This is not OOM but hitting the limit on memory allocation size, but probably WontFix?
Dec 15
Dec 17
Right, this is intentional policy.
Dec 24
ClusterFuzz testcase 6311272557314048 is still reproducing on tip-of-tree build (trunk). If this testcase was not reproducible locally or unworkable, ignore this notification and we will file another bug soon with hopefully a better and workable testcase. Otherwise, if this is not intended to be fixed (e.g. this is an intentional crash), please add ClusterFuzz-Ignore label to prevent future bug filing with similar crash stacktrace.
Dec 25
Comment 1 by ClusterFuzz, Dec 15
Labels: Test-Predator-Auto-Components