You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To aid in filtering down the number of potential false positive crashes reported to maintainers, we can applying the following prioritization rules:
Crash with LLVMFuzzerTestOneInput as the top frame: Most likely false positive.
Crash discovered without any / much coverage growth: likely false positive. Note though, there can be exceptions here if there is a particular low hanging fruit in the function being fuzzed that's very easy to find.
Crash discovered with zero coverage diff or edge coverage: most likely false positive.
Use after frees where the free happens in LLVMFuzzerTestOneInput.
null derefs, FPEs, aborts, C++ exceptions, are likely uninteresting to report.
Additionally, we need a way to detect cases of #164 and #7.
The text was updated successfully, but these errors were encountered:
To aid in filtering down the number of potential false positive crashes reported to maintainers, we can applying the following prioritization rules:
Additionally, we need a way to detect cases of #164 and #7.
The text was updated successfully, but these errors were encountered: