Hello. I know you state that Mayhem generates no false positives, which is good. But what about the generated results, are they actionable?
Every defect Mayhem detects generates a corresponding test case that can be used against the target application to reproduce the specific failure. Additionally, Mayhem will report failures in uninstrumented binaries with a corresponding stack trace, and for debug instrumented binaries or binaries with additional instrumentation such as libFuzzer or Honggfuzz, we will also report the error output from those tools and instrumentations, allowing you not only to confirm and reproduce a defect, but to see exactly where in the code the defect was reported.