yaohway

Results 11 comments of yaohway

Hi, sorry for the inconvenience, the naming convention is implemented by KLEE's converter that converts .ktest files to concrete input. It is probably difficult to alter the behavior without...

Thanks for reporting. We've tested a clean install in Ubuntu 14.04 (iirc 16.04 should work as well @DanielGuoVT did you test this version?).

> Would you please make it more...

GDB is fine. BTW, it is pretty easy to integrate QSYM into SAVIOR, we have internal support for that, it will be released soon, stay tuned!

Hi, Please refer to the test folder for examples, specifically, you will need to prepare a config file similar to [this](https://github.com/evanmak/savior-source/blob/master/tests/config_samples/fuzz_tcpdump.cfg) and then [run the coordinator by providing the required...

Hmmm, thanks for reporting. Can you please take a look at `/root/work/savior/tests/jpeg-9c/obj-savior/out/master/queue` and check what's the format for the inputs? If it is like `id:000324,src:000000,op:arith8,pos:291,val:+20,+cov`, afl-fuzz is not compiled with...

> [Edge-Oracle-Info] read 1 seeds

It seems there's no input to choose from for symex, can you verify AFL is running correctly?

For your questions,

> How many bugs expected to be discovered in the test sample jpeg by the savior ?

Most of the bugs found are UBSAN bugs, please refer...

Hi,

For how to config SAVIOR to take input from command line argument, see the tcpdump example: https://github.com/evanmak/savior-source/blob/master/tests/config_samples/fuzz_tcpdump.cfg

For how to run the jobs separately you may try to look...

The tcpdump output looks correct, KLEE is contributing seeds. As for crashes, note that SAVIOR instruments the programs with UBSAN, and if the tested program is instrumented with UBSAN, by...

> So, how is the proper way of fuzzing with savior so we can find the crash file / corpus ?

There are two ways to make it work. 1)...