Diffstat (limited to 'executor')
-rw-r--r--executor/common.h107
-rw-r--r--executor/common_akaros.h9
-rw-r--r--executor/common_bsd.h6
-rw-r--r--executor/common_fuchsia.h3
-rw-r--r--executor/common_linux.h27
-rw-r--r--executor/common_test.h6
-rw-r--r--executor/common_windows.h17
-rw-r--r--executor/executor.cc1
8 files changed, 143 insertions, 33 deletions
diff --git a/executor/common.h b/executor/common.h
index 5ddfb08c5..9e6545926 100644
--- a/executor/common.h
+++ b/executor/common.h
@@ -2,6 +2,14 @@
// Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
// This file is shared between executor and csource package.
+// csource does a bunch of transformations with this file:
+// - unused parts are stripped using #if SYZ* defines
+// - includes are hoisted to the top and deduplicated
+// - comments and empty lines are stripped
+// - NORETURN/PRINTF/debug are removed
+// - exitf/failf/fail are replaced with exit
+// - uintN types are replaced with uintN_t
+// - [[FOO]] placeholders are replaced by actual values
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
@@ -23,6 +31,11 @@ NORETURN void doexit(int status)
}
#endif
+#if SYZ_EXECUTOR || SYZ_PROCS || SYZ_REPEAT && SYZ_ENABLE_CGROUPS || \
+ __NR_syz_mount_image || __NR_syz_read_part_table
+unsigned long long procid;
+#endif
+
#if !GOOS_fuchsia && !GOOS_windows
#if SYZ_EXECUTOR || SYZ_HANDLE_SEGV
#include <setjmp.h>
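Review bot: The new guard around `procid` mixes `||` and `&&` without parentheses, so a reader has to recall that `&&` binds tighter to see that only `SYZ_REPEAT && SYZ_ENABLE_CGROUPS` is paired. Writing it as `#if SYZ_EXECUTOR || SYZ_PROCS || (SYZ_REPEAT && SYZ_ENABLE_CGROUPS) || \` makes the grouping explicit. The same applies to the new guards in front of `setup_loop` and `reset_loop` in common_linux.h.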
@@ -359,9 +372,6 @@ struct thread_t {
static struct thread_t threads[16];
static void execute_call(int call);
static int running;
-#if SYZ_COLLIDE
-static int collide;
-#endif
static void* thr(void* arg)
{
@@ -376,11 +386,22 @@ static void* thr(void* arg)
return 0;
}
-static void execute(int num_calls)
+#if SYZ_REPEAT
+static void execute_one()
+#else
+static void loop()
+#endif
{
+#if SYZ_REPRO
+ if (write(1, "executing program\n", sizeof("executing program\n") - 1)) {
+ }
+#endif
int call, thread;
- running = 0;
- for (call = 0; call < num_calls; call++) {
+#if SYZ_COLLIDE
+ int collide = 0;
+again:
+#endif
+ for (call = 0; call < [[NUM_CALLS]]; call++) {
for (thread = 0; thread < sizeof(threads) / sizeof(threads[0]); thread++) {
struct thread_t* th = &threads[thread];
if (!th->created) {
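Review bot: The empty `if (write(...)) { }` under `SYZ_REPRO` carries no comment and reads like an unfinished branch. If the wrapper exists only to consume the return value (presumably to quiet an unused-result warning), say so above it: `// Result ignored on purpose; the empty if only consumes write()'s return value.` The comment added at the top of this file says csource strips comments, so this costs nothing in generated programs. The function body continues past the end of this hunk.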
@@ -402,10 +423,16 @@ static void execute(int num_calls)
#endif
event_timedwait(&th->done, 25);
if (__atomic_load_n(&running, __ATOMIC_RELAXED))
- sleep_ms((call == num_calls - 1) ? 10 : 2);
+ sleep_ms((call == [[NUM_CALLS]] - 1) ? 10 : 2);
break;
}
}
+#if SYZ_COLLIDE
+ if (!collide) {
+ collide = 1;
+ goto again;
+ }
+#endif
}
#endif
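Review bot: After the second (collide) pass the function returns straight away, and nothing in the visible lines waits for `running` to drop back to zero. The only wait here is the `event_timedwait`/`sleep_ms` pair before `break`; if the `#endif` at the top of the hunk closes a collide-only early `break` (not visible here, so confirm), the last dispatched call can still be in flight when the caller goes on to exit. A bounded wait just before the closing brace would cover it, e.g. `for (call = 0; call < 100 && __atomic_load_n(&running, __ATOMIC_RELAXED); call++)` followed by `sleep_ms(1);`. The function starts outside this hunk.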
@@ -428,7 +455,9 @@ static void reply_handshake();
static void loop()
{
+#if SYZ_HAVE_SETUP_LOOP
setup_loop();
+#endif
#if SYZ_EXECUTOR
// Tell parent that we are ready to serve.
reply_handshake();
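Review bot: `#if SYZ_HAVE_SETUP_LOOP` evaluates to 0 when the macro is missing, so a misspelt name or an OS header that ends up included after this point drops the hook with no diagnostic. The same holds for the `SYZ_HAVE_RESET_LOOP`, `SYZ_HAVE_SETUP_TEST` and `SYZ_HAVE_RESET_TEST` guards in the next three hunks; on Linux, losing `setup_test()` would also lose the `prctl(PR_SET_PDEATHSIG, SIGKILL, ...)` call shown in common_linux.h. A comment at the first guard would record the contract: `// SYZ_HAVE_* are defined by common_<os>.h next to the hook they announce and must be visible before loop().` `loop()` starts and ends outside this hunk.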
@@ -449,7 +478,9 @@ static void loop()
if (mkdir(cwdbuf, 0777))
fail("failed to mkdir");
#endif
+#if SYZ_HAVE_RESET_LOOP
reset_loop();
+#endif
#if SYZ_EXECUTOR
receive_execute();
#endif
@@ -457,7 +488,9 @@ static void loop()
if (pid < 0)
fail("clone failed");
if (pid == 0) {
+#if SYZ_HAVE_SETUP_TEST
setup_test();
+#endif
#if SYZ_EXECUTOR || SYZ_USE_TMP_DIR
if (chdir(cwdbuf))
fail("failed to chdir");
@@ -479,7 +512,9 @@ static void loop()
#endif
execute_one();
debug("worker exiting\n");
+#if SYZ_HAVE_RESET_TEST
reset_test();
+#endif
doexit(0);
#endif
}
@@ -556,3 +591,61 @@ static void loop()
}
#endif
#endif
+
+#if !SYZ_EXECUTOR
+[[SYSCALL_DEFINES]]
+
+[[RESULTS]]
+
+#if SYZ_THREADED || SYZ_REPEAT || SYZ_SANDBOX_NONE || SYZ_SANDBOX_SETUID || SYZ_SANDBOX_NAMESPACE
+#if SYZ_THREADED
+void
+execute_call(int call)
+#elif SYZ_REPEAT
+void
+execute_one()
+#else
+void
+loop()
+#endif
+{
+ [[SYSCALLS]]
+}
+#endif
+
+// This is the main function for csource.
+#if GOOS_akaros && SYZ_REPEAT
+#include <string.h>
+
+int main(int argc, char** argv)
+{
+ [[MMAP_DATA]]
+
+ program_name = argv[0];
+ if (argc == 2 && strcmp(argv[1], "child") == 0)
+ child();
+#else
+int
+main()
+{
+ [[MMAP_DATA]]
+#endif
+#if SYZ_HANDLE_SEGV
+ install_segv_handler();
+#endif
+#if SYZ_PROCS
+ for (procid = 0; procid < [[PROCS]]; procid++) {
+ if (fork() == 0) {
+#endif
+#if SYZ_USE_TMP_DIR
+ use_temporary_dir();
+#endif
+ [[SANDBOX_FUNC]]
+#if SYZ_PROCS
+ }
+ }
+ sleep(1000000);
+#endif
+ return 0;
+}
+#endif
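Review bot: In the `SYZ_PROCS` loop of `main`, the result of `fork()` is only compared with 0, so a failed fork (-1) is handled like the parent path and the program silently runs with fewer processes than `[[PROCS]]`. Capturing the result makes that visible: `int pid = fork();` then `if (pid < 0) exit(1);` then `if (pid == 0) {`. Separately, if `[[SANDBOX_FUNC]]` can ever return in the child (its expansion is not visible here), the child falls through into the next iteration and forks again with the next `procid`. An `exit(0);` after the placeholder inside the child branch would close that path.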
diff --git a/executor/common_akaros.h b/executor/common_akaros.h
index f2f89033e..a0e42088a 100644
--- a/executor/common_akaros.h
+++ b/executor/common_akaros.h
@@ -3,9 +3,8 @@
// This file is shared between executor and csource package.
+#include <ros/syscall.h>
#include <stdlib.h>
-#include <sys/mman.h>
-#include <sys/syscall.h>
#include <unistd.h>
#if SYZ_EXECUTOR || SYZ_SANDBOX_NONE
@@ -35,9 +34,7 @@ void child()
}
#endif
+#if SYZ_EXECUTOR
#define do_sandbox_setuid() 0
#define do_sandbox_namespace() 0
-#define setup_loop()
-#define reset_loop()
-#define setup_test()
-#define reset_test()
+#endif
diff --git a/executor/common_bsd.h b/executor/common_bsd.h
index 164d16a36..b678dd968 100644
--- a/executor/common_bsd.h
+++ b/executor/common_bsd.h
@@ -14,9 +14,7 @@ static int do_sandbox_none(void)
}
#endif
+#if SYZ_EXECUTOR
#define do_sandbox_setuid() 0
#define do_sandbox_namespace() 0
-#define setup_loop()
-#define reset_loop()
-#define setup_test()
-#define reset_test()
+#endif
diff --git a/executor/common_fuchsia.h b/executor/common_fuchsia.h
index 1affa5650..302f49955 100644
--- a/executor/common_fuchsia.h
+++ b/executor/common_fuchsia.h
@@ -237,8 +237,11 @@ static int do_sandbox_none(void)
}
#endif
+#if SYZ_EXECUTOR
#define do_sandbox_setuid() 0
#define do_sandbox_namespace() 0
+#endif
+
#define setup_loop()
#define reset_loop()
#define setup_test()
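Review bot: The empty `setup_loop()`, `reset_loop()` and `setup_test()` macros stay in this header while the same commit deletes them from the akaros, bsd, test and windows headers. The call sites in common.h are now wrapped in `#if SYZ_HAVE_*`, and nothing visible in this file defines those macros, so the empty macros look unused after the change. Removing them here would keep the per-OS headers consistent. The macro list may continue below the end of this hunk.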
diff --git a/executor/common_linux.h b/executor/common_linux.h
index ad653f396..4ff59aa80 100644
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@@ -4,7 +4,6 @@
// This file is shared between executor and csource package.
#include <stdlib.h>
-#include <sys/mount.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>
@@ -641,8 +640,6 @@ static long syz_genetlink_get_family_id(long name)
#include <sys/stat.h>
#include <sys/types.h>
-extern unsigned long long procid;
-
struct fs_image_segment {
void* data;
uintptr_t size;
@@ -758,6 +755,9 @@ error:
#endif
#if SYZ_EXECUTOR || __NR_syz_mount_image
+#include <string.h>
+#include <sys/mount.h>
+
//syz_mount_image(fs ptr[in, string[disk_filesystems]], dir ptr[in, filename], size intptr, nsegs len[segments], segments ptr[in, array[fs_image_segment]], flags flags[mount_flags], opts ptr[in, fs_options[vfat_options]])
//fs_image_segment {
// data ptr[in, array[int8]]
@@ -885,6 +885,7 @@ static long syz_kvm_setup_cpu(long a0, long a1, long a2, long a3, long a4, long
#include <fcntl.h>
#include <stdarg.h>
#include <stdbool.h>
+#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
@@ -916,6 +917,7 @@ static bool write_file(const char* file, const char* what, ...)
#include <errno.h>
#include <linux/net.h>
#include <netinet/in.h>
+#include <string.h>
#include <sys/socket.h>
// checkpoint/reset_net_namespace partially resets net namespace to initial state
@@ -1572,6 +1574,7 @@ static int do_sandbox_setuid(void)
#include <linux/capability.h>
#include <sched.h>
#include <sys/mman.h>
+#include <sys/mount.h>
static int real_uid;
static int real_gid;
@@ -1706,6 +1709,8 @@ static int do_sandbox_namespace(void)
#if SYZ_EXECUTOR || SYZ_REPEAT && SYZ_USE_TMP_DIR
#include <dirent.h>
#include <errno.h>
+#include <string.h>
+#include <sys/mount.h>
// One does not simply remove a directory.
// There can be mounts, so we need to try to umount.
@@ -1795,6 +1800,7 @@ retry:
#if SYZ_EXECUTOR || SYZ_FAULT_INJECTION
#include <fcntl.h>
+#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
@@ -1832,16 +1838,14 @@ static int fault_injected(int fail_fd)
}
#endif
-#if SYZ_EXECUTOR || SYZ_REPEAT
+#if SYZ_EXECUTOR || SYZ_REPEAT && SYZ_ENABLE_CGROUPS
#include <fcntl.h>
#include <sys/ioctl.h>
-#include <sys/prctl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
-extern unsigned long long procid;
-
+#define SYZ_HAVE_SETUP_LOOP 1
static void setup_loop()
{
#if SYZ_ENABLE_CGROUPS
@@ -1874,7 +1878,10 @@ static void setup_loop()
}
#endif
}
+#endif
+#if SYZ_EXECUTOR || SYZ_REPEAT && (SYZ_RESET_NET_NAMESPACE || __NR_syz_mount_image || __NR_syz_read_part_table)
+#define SYZ_HAVE_RESET_LOOP 1
static void reset_loop()
{
#if SYZ_EXECUTOR || __NR_syz_mount_image || __NR_syz_read_part_table
@@ -1890,7 +1897,12 @@ static void reset_loop()
reset_net_namespace();
#endif
}
+#endif
+
+#if SYZ_EXECUTOR || SYZ_REPEAT
+#include <sys/prctl.h>
+#define SYZ_HAVE_SETUP_TEST 1
static void setup_test()
{
prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0);
@@ -1917,6 +1929,7 @@ static void setup_test()
#endif
}
+#define SYZ_HAVE_RESET_TEST 1
static void reset_test()
{
// Keeping a 9p transport pipe open will hang the proccess dead,
diff --git a/executor/common_test.h b/executor/common_test.h
index 38accf58a..78b3f8e22 100644
--- a/executor/common_test.h
+++ b/executor/common_test.h
@@ -22,9 +22,7 @@ static int do_sandbox_none(void)
}
#endif
+#if SYZ_EXECUTOR
#define do_sandbox_setuid() 0
#define do_sandbox_namespace() 0
-#define setup_loop()
-#define reset_loop()
-#define setup_test()
-#define reset_test()
+#endif
diff --git a/executor/common_windows.h b/executor/common_windows.h
index c4fdcd66f..1aada0933 100644
--- a/executor/common_windows.h
+++ b/executor/common_windows.h
@@ -103,7 +103,16 @@ static int event_timedwait(event_t* ev, uint64 timeout_ms)
}
#endif
-#define setup_loop()
-#define reset_loop()
-#define setup_test()
-#define reset_test()
+#if SYZ_EXECUTOR || SYZ_SANDBOX_NONE
+static void loop();
+static int do_sandbox_none(void)
+{
+ loop();
+ doexit(0);
+}
+#endif
+
+#if SYZ_EXECUTOR
+#define do_sandbox_setuid() 0
+#define do_sandbox_namespace() 0
+#endif
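Review bot: The new `do_sandbox_none` is declared `int` but has no `return` statement, so it is only clean while the compiler knows that `doexit` never returns. The comment this commit adds to the top of common.h says csource removes `NORETURN`, so the generated C program would presumably get a missing-return diagnostic here (an error under `-Werror=return-type`). Adding `return 0;` after `doexit(0);` keeps both the executor and the csource build clean.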
diff --git a/executor/executor.cc b/executor/executor.cc
index 1efba1060..c5b9efe42 100644
--- a/executor/executor.cc
+++ b/executor/executor.cc
@@ -146,7 +146,6 @@ const uint64 binary_format_stroct = 4;
const uint64 no_copyout = -1;
-unsigned long long procid;
int running;
uint32 completed;
bool collide;