
Yes, we do. Fuzzing takes forever and only finds errors by luck, whilst with cbmc you'll find all errors within short loops (=data).

KLEE has been dead for years.

Both need extra setup, but my make verify targets are still much easier to set up and run than make fuzz.



That's funny, I recently went to a talk by Cristian Cadar about developments in KLEE and it seems very much alive. Perhaps you are talking through your hat.


Good to hear. I thought it was dead (llvm 4.7 only).


CBMC is a model checker though, right, not a symbolic execution engine? Or do you feel for all intents and purposes there is no difference?


It's the very same symbolic execution engine as KLEE, with just a bit more features, and a bit simpler to use.



