A question about the LAVA-M who fix

[andreafioraldi]

Hi, I noticed that here you fixed lava_get in this way:

// move to somewhere after #include "..."
unsigned int lava_get(unsigned int bug_num) {

#define SWAP_UINT32(x) (((x) >> 24) | (((x) & 0x00FF0000) >> 8) | (((x) & 0x0000FF00) << 8) | ((x) << 24))
  if (0x6c617661 - bug_num == lava_val[bug_num] ||
      SWAP_UINT32(0x6c617661 - bug_num) == lava_val[bug_num]) {
    printf("Successfully triggered bug %d, crashing now!\n", bug_num);
    fflush(0);
    //exit(0);
  }
  else {
    //printf("Not successful for bug %d; val = %08x not %08x or %08x\n", bug_num, lava_val[bug_num], 0x6c617661 + bug_num, 0x6176616c + bug_num);
  }
  return lava_val[bug_num];
}

I'm doing the same thing and I noticed that removing exit(0) a testcase can trigger multiple lava bugs. For example:

./who crashing_testcase
Successfully triggered bug 4, crashing now!
Successfully triggered bug 4, crashing now!
reboot   ~            1970-01-01 01:00 (lam�)
Successfully triggered bug 2258, crashing now!
Successfully triggered bug 2258, crashing now!
Successfully triggered bug 2258, crashing now!
�                    1921-11-02 18:27
Successfully triggered bug 2258, crashing now!
Successfully triggered bug 2258, crashing now!
Successfully triggered bug 2258, crashing now!
Successfully triggered bug 3516, crashing now!
Successfully triggered bug 3516, crashing now!
Successfully triggered bug 3516, crashing now!
Segmentation fault

How did you solve this inconsistency while evaluating Angora? You considered only the last printed "Successfully triggered bug X, crashing now!" line or you considered all of them? I the case above this crashing testcase is triggering 3 different bugs, can you suggest me how to handle this situation?

[spinpx]

Hi, andreafioraldi, we considered all of them in our evaluation.

[andreafioraldi]

Ok thank you :)