eurecom-s3 / symcc

SymCC: efficient compiler-based symbolic execution
http://www.s3.eurecom.fr/tools/symbolic_execution/symcc.html
GNU General Public License v3.0

Recommended workflow for afl and symcc combination #58

Closed DavidKorczynski closed 3 years ago

DavidKorczynski commented 3 years ago

Hi,

I am curious about the workflow recommended for combining symcc and afl. In the documentation it is suggested to use a master + a secondary afl in combination with SymCC. Is there a reason for having two AFLs rather than one? It says in the documentation (https://github.com/eurecom-s3/symcc/blob/9b20609adab02279c181010c8b1e61a9a9acac62/docs/Fuzzing.txt#L112) "It is possible to run SymCC with only an AFL master or only a secondary AFL instance; see the AFL docs for the implications." Could you elaborate on this?

Cross-referencing:

sebastianpoeplau commented 3 years ago

Sorry for the late reply - see https://github.com/google/fuzzbench/pull/1166#issuecomment-860223930.