I want to use angr to analyze an IoT firmware file. I have read the documentation of angr; however, I could not find a solution for analyzing a firmware file. So how can angr generate a CFG file of firmware? Or how can I analyze a firmware file with angr using symbolic execution?
As far as I know, angr does not do firmware file analysis: it is a binary (as in binary executable) analysis tool, and a firmware image is not an executable binary.
So how can angr generate CFG file of Firmware?
As per my comment above, there is no such thing as the CFG of a firmware: A CFG is the representation of the flow of control in an executable.
How I can analyze firmware file with angr [with] symbolic execution?
Again, following the same confusion: symbolic execution is a technique to dynamically analyze an executable file. One cannot "execute" a firmware image, even less symbolically!
What you might want to do is use something like firmware-mod-kit to extract the content of the firmware image you have; among this content, find the executable you want to test, and then use angr to perform all the analyses you want!
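
The workflow described in the answer above, as an added example that is not part of the original answer: once the image has been extracted (for instance with firmware-mod-kit), walk the extracted tree for ELF executables and hand one of them to angr. The sample tree, the `httpd` file name and the helper function names are constructed for illustration; `angr.Project` and `CFGFast` are angr's own API.

```python
import os
import struct
import tempfile

# Subset of ELF e_machine values commonly seen in IoT firmware.
MACHINES = {3: "x86", 8: "MIPS", 40: "ARM", 62: "x86-64", 183: "AArch64"}

def find_elf_executables(root):
    """Walk an extracted firmware tree; return (path, arch) for ELF executables and shared objects."""
    found = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue  # skip symlinks (e.g. busybox applets) and device nodes
            with open(path, "rb") as fh:
                hdr = fh.read(20)
            if len(hdr) < 20 or hdr[:4] != b"\x7fELF":
                continue
            endian = "<" if hdr[5] == 1 else ">"  # EI_DATA: 1 = little, 2 = big
            e_type, e_machine = struct.unpack(endian + "HH", hdr[16:20])
            if e_type in (2, 3):  # ET_EXEC or ET_DYN (PIE / shared object)
                found.append((path, MACHINES.get(e_machine, "machine %d" % e_machine)))
    return sorted(found)

def build_cfg(path):
    """Load one extracted executable in angr and recover its control-flow graph."""
    import angr  # imported lazily so the triage step works without angr installed
    proj = angr.Project(path, auto_load_libs=False)
    return proj.analyses.CFGFast()

def make_sample_tree():
    """Constructed stand-in for an extracted rootfs: one big-endian MIPS ELF header, one script."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "usr", "sbin"))
    os.makedirs(os.path.join(root, "etc"))
    # e_ident: magic, 32-bit class, big-endian data, version 1, padding; then e_type, e_machine
    elf = b"\x7fELF" + bytes([1, 2, 1]) + b"\x00" * 9 + struct.pack(">HH", 2, 8)
    with open(os.path.join(root, "usr", "sbin", "httpd"), "wb") as fh:
        fh.write(elf + b"\x00" * 32)
    with open(os.path.join(root, "etc", "rc.local"), "w") as fh:
        fh.write("#!/bin/sh\n")
    return root

if __name__ == "__main__":
    for path, arch in find_elf_executables(make_sample_tree()):
        print(arch, path)
```

On a real extracted image, pass one of the returned paths to `build_cfg`; the constructed sample file contains only an ELF header, so it is suitable for the discovery step only.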