csource: force enable tun flag when required

5 files changed, 47 insertions, 21 deletions

diff --git a/csource/common.go b/csource/common.go
index 8d4a74146..c0abd4412 100644
--- a/csource/common.go
+++ b/csource/common.go
@@ -1536,21 +1536,13 @@ static uintptr_t execute_syscall(int nr, uintptr_t a0, uintptr_t a1, uintptr_t a
 	case __NR_syz_fuseblk_mount:
 		return syz_fuseblk_mount(a0, a1, a2, a3, a4, a5, a6, a7);
 #endif
-#if defined(__NR_syz_emit_ethernet)
+#ifdef __NR_syz_emit_ethernet
 	case __NR_syz_emit_ethernet:
-#if defined(SYZ_EXECUTOR) || defined(SYZ_TUN_ENABLE)
 		return syz_emit_ethernet(a0, a1);
-#else
-		return 0;
-#endif
 #endif
-#if defined(__NR_syz_extract_tcp_res)
+#ifdef __NR_syz_extract_tcp_res
 	case __NR_syz_extract_tcp_res:
-#if defined(SYZ_EXECUTOR) || defined(SYZ_TUN_ENABLE)
 		return syz_extract_tcp_res(a0, a1, a2);
-#else
-		return 0;
-#endif
 #endif
 #ifdef __NR_syz_kvm_setup_cpu
 	case __NR_syz_kvm_setup_cpu:
diff --git a/csource/csource.go b/csource/csource.go
index ccc235f7e..0a5bcddd7 100644
--- a/csource/csource.go
+++ b/csource/csource.go
@@ -42,6 +42,18 @@ type Options struct {
 	Repro bool
 }
 
+func RequiresTun(p *prog.Prog) bool {
+	for _, c := range p.Calls {
+		switch c.Meta.CallName {
+		case "syz_emit_ethernet":
+			return true
+		case "syz_extract_tcp_seq":
+			return true
+		}
+	}
+	return false
+}
+
 func Write(p *prog.Prog, opts Options) ([]byte, error) {
 	exec := make([]byte, prog.ExecBufferSize)
 	if err := p.SerializeForExec(exec, 0); err != nil {
@@ -49,6 +61,10 @@ func Write(p *prog.Prog, opts Options) ([]byte, error) {
 	}
 	w := new(bytes.Buffer)
 
+	if RequiresTun(p) {
+		opts.EnableTun = true
+	}
+
 	fmt.Fprint(w, "// autogenerated by syzkaller (http://github.com/google/syzkaller)\n\n")
 
 	handled := make(map[string]int)
diff --git a/executor/common.h b/executor/common.h
index 032365471..934f98cf5 100644
--- a/executor/common.h
+++ b/executor/common.h
@@ -627,21 +627,13 @@ static uintptr_t execute_syscall(int nr, uintptr_t a0, uintptr_t a1, uintptr_t a
 	case __NR_syz_fuseblk_mount:
 		return syz_fuseblk_mount(a0, a1, a2, a3, a4, a5, a6, a7);
 #endif
-#if defined(__NR_syz_emit_ethernet)
+#ifdef __NR_syz_emit_ethernet
 	case __NR_syz_emit_ethernet:
-#if defined(SYZ_EXECUTOR) || defined(SYZ_TUN_ENABLE)
 		return syz_emit_ethernet(a0, a1);
-#else
-		return 0;
-#endif
 #endif
-#if defined(__NR_syz_extract_tcp_res)
+#ifdef __NR_syz_extract_tcp_res
 	case __NR_syz_extract_tcp_res:
-#if defined(SYZ_EXECUTOR) || defined(SYZ_TUN_ENABLE)
 		return syz_extract_tcp_res(a0, a1, a2);
-#else
-		return 0;
-#endif
 #endif
 #ifdef __NR_syz_kvm_setup_cpu
 	case __NR_syz_kvm_setup_cpu:
diff --git a/prog/analysis.go b/prog/analysis.go
index 5b786c753..67a254273 100644
--- a/prog/analysis.go
+++ b/prog/analysis.go
@@ -260,3 +260,29 @@ func sanitizeCall(c *Call) {
 		}
 	}
 }
+
+func RequiresTun(p *Prog) bool {
+	for _, c := range p.Calls {
+		switch c.Meta.CallName {
+		case "syz_emit_ethernet":
+			return true
+		case "syz_extract_tcp_res":
+			return true
+		}
+	}
+	return false
+}
+
+func RequiresBitmasks(p *Prog) bool {
+	result := false
+	for _, c := range p.Calls {
+		foreachArg(c, func(arg, _ *Arg, _ *[]*Arg) {
+			if arg.Kind == ArgConst {
+				if arg.Type.BitfieldOffset() != 0 || arg.Type.BitfieldLength() != 0 {
+					result = true
+				}
+			}
+		})
+	}
+	return result
+}
diff --git a/repro/repro.go b/repro/repro.go
index f4cfde322..741387af9 100644
--- a/repro/repro.go
+++ b/repro/repro.go
@@ -278,7 +278,7 @@ func (ctx *context) repro(entries []*prog.LogEntry, crashStart int) (*Result, er
 	}
 
 	// Try to simplify the C reproducer.
-	if res.Opts.EnableTun {
+	if res.Opts.EnableTun && !csource.RequiresTun(res.Prog) {
 		opts = res.Opts
 		opts.EnableTun = false
 		crashed, err := ctx.testCProg(res.Prog, duration, opts)