David Benjamin
David Benjamin
It takes far too much boilerplate (about 100-odd lines per NPAPI function) to generate a single function's worth of thunks. This is also rather error-prone, though thankfully I haven't found...
### Description of the bug: Based on https://github.com/bazelbuild/bazel-central-registry/pull/1833#issuecomment-2083516837, I gather best practice for bzlmod is to mark your tests' dependencies as a dev_dependency. We've thus tentatively set googletest as a...
### Description of the feature request: C and C++ compiler options are very related, but not always identical, ranging from variations in language specifiers and even warnings flags. For example...
It's pretty frequent that OSS-Fuzz infrastructure changes cause false positives (see https://github.com/google/oss-fuzz/issues/11881). This historically hasn't been a big deal, because we can just ignore them. However, since then, these false...
OSS-Fuzz bug reports say: > This bug tracker is not being monitored by OSS-Fuzz team. If you have any questions, please create an issue at https://github.com/google/oss-fuzz/issues/new. However, sometimes reports are...
It's happened a few times now that OSS-Fuzz infrastructure changes have caused MSan false positives in the fuzzers. Most recently, https://github.com/google/oss-fuzz/pull/11880, but other times we've been hit by regressions in...
After the most recent round of MSan false positives (https://github.com/google/oss-fuzz/issues/11886), perhaps OSS-Fuzz could consider better pre-commit testing? For example: Before every tooling update, run the fuzzers over the existing corpus,...
This is a companion to https://github.com/google/oss-fuzz/issues/11925 OSS-Fuzz automatically assigns severity for bugs. This is a great first-pass triage, but sometimes OSS-Fuzz is wrong. It may over-level the bug if it's...
Given that OSV reports from OSS-Fuzz are currently false-positive-laden (see https://github.com/google/osv.dev/issues/2176 and https://github.com/google/oss-fuzz/issues/11925), the withdrawal process needs to be much smoother. Manually making a PR and trying to keep to...