xref: /openbmc/qemu/system/qtest.c (revision 9d49b1c9edf829e571093088ddff0b73db3110c6)
1  /*
2   * Test Server
3   *
4   * Copyright IBM, Corp. 2011
5   *
6   * Authors:
7   *  Anthony Liguori   <aliguori@us.ibm.com>
8   *
9   * This work is licensed under the terms of the GNU GPL, version 2 or later.
10   * See the COPYING file in the top-level directory.
11   *
12   */
13  
14  #include "qemu/osdep.h"
15  #include "qapi/error.h"
16  #include "sysemu/qtest.h"
17  #include "sysemu/runstate.h"
18  #include "chardev/char-fe.h"
19  #include "exec/ioport.h"
20  #include "exec/memory.h"
21  #include "exec/tswap.h"
22  #include "hw/qdev-core.h"
23  #include "hw/irq.h"
24  #include "hw/core/cpu.h"
25  #include "qemu/accel.h"
26  #include "sysemu/cpu-timers.h"
27  #include "qemu/config-file.h"
28  #include "qemu/option.h"
29  #include "qemu/error-report.h"
30  #include "qemu/module.h"
31  #include "qemu/cutils.h"
32  #include "qom/object_interfaces.h"
33  
34  #define MAX_IRQ 256
35  
36  #define TYPE_QTEST "qtest"
37  
38  OBJECT_DECLARE_SIMPLE_TYPE(QTest, QTEST)
39  
40  struct QTest {
41      Object parent;
42  
43      bool has_machine_link;
44      char *chr_name;
45      Chardev *chr;
46      CharBackend qtest_chr;
47      char *log;
48  };
49  
50  bool qtest_allowed;
51  
52  static DeviceState *irq_intercept_dev;
53  static FILE *qtest_log_fp;
54  static QTest *qtest;
55  static GString *inbuf;
56  static int irq_levels[MAX_IRQ];
57  static GTimer *timer;
58  static bool qtest_opened;
59  static void (*qtest_server_send)(void*, const char*);
60  static void *qtest_server_send_opaque;
61  
62  #define FMT_timeval "%.06f"
63  
64  /**
65   * DOC: QTest Protocol
66   *
67   * Line based protocol, request/response based.  Server can send async messages
68   * so clients should always handle many async messages before the response
69   * comes in.
70   *
71   * Valid requests
72   * ^^^^^^^^^^^^^^
73   *
74   * Clock management:
75   * """""""""""""""""
76   *
77   * The qtest client is completely in charge of the QEMU_CLOCK_VIRTUAL.  qtest commands
78   * let you adjust the value of the clock (monotonically).  All the commands
79   * return the current value of the clock in nanoseconds.
80   *
81   * .. code-block:: none
82   *
83   *  > clock_step
84   *  < OK VALUE
85   *
86   * Advance the clock to the next deadline.  Useful when waiting for
87   * asynchronous events.
88   *
89   * .. code-block:: none
90   *
91   *  > clock_step NS
92   *  < OK VALUE
93   *
94   * Advance the clock by NS nanoseconds.
95   *
96   * .. code-block:: none
97   *
98   *  > clock_set NS
99   *  < OK VALUE
100   *
101   * Advance the clock to NS nanoseconds (do nothing if it's already past).
102   *
103   * PIO and memory access:
104   * """"""""""""""""""""""
105   *
106   * .. code-block:: none
107   *
108   *  > outb ADDR VALUE
109   *  < OK
110   *
111   * .. code-block:: none
112   *
113   *  > outw ADDR VALUE
114   *  < OK
115   *
116   * .. code-block:: none
117   *
118   *  > outl ADDR VALUE
119   *  < OK
120   *
121   * .. code-block:: none
122   *
123   *  > inb ADDR
124   *  < OK VALUE
125   *
126   * .. code-block:: none
127   *
128   *  > inw ADDR
129   *  < OK VALUE
130   *
131   * .. code-block:: none
132   *
133   *  > inl ADDR
134   *  < OK VALUE
135   *
136   * .. code-block:: none
137   *
138   *  > writeb ADDR VALUE
139   *  < OK
140   *
141   * .. code-block:: none
142   *
143   *  > writew ADDR VALUE
144   *  < OK
145   *
146   * .. code-block:: none
147   *
148   *  > writel ADDR VALUE
149   *  < OK
150   *
151   * .. code-block:: none
152   *
153   *  > writeq ADDR VALUE
154   *  < OK
155   *
156   * .. code-block:: none
157   *
158   *  > readb ADDR
159   *  < OK VALUE
160   *
161   * .. code-block:: none
162   *
163   *  > readw ADDR
164   *  < OK VALUE
165   *
166   * .. code-block:: none
167   *
168   *  > readl ADDR
169   *  < OK VALUE
170   *
171   * .. code-block:: none
172   *
173   *  > readq ADDR
174   *  < OK VALUE
175   *
176   * .. code-block:: none
177   *
178   *  > read ADDR SIZE
179   *  < OK DATA
180   *
181   * .. code-block:: none
182   *
183   *  > write ADDR SIZE DATA
184   *  < OK
185   *
186   * .. code-block:: none
187   *
188   *  > b64read ADDR SIZE
189   *  < OK B64_DATA
190   *
191   * .. code-block:: none
192   *
193   *  > b64write ADDR SIZE B64_DATA
194   *  < OK
195   *
196   * .. code-block:: none
197   *
198   *  > memset ADDR SIZE VALUE
199   *  < OK
200   *
201   * ADDR, SIZE, VALUE are all integers parsed with strtoul() with a base of 0.
202   * For 'memset' a zero size is permitted and does nothing.
203   *
204   * DATA is an arbitrarily long hex number prefixed with '0x'.  If it's smaller
205   * than the expected size, the value will be zero filled at the end of the data
206   * sequence.
207   *
208   * B64_DATA is an arbitrarily long base64 encoded string.
209   * If the sizes do not match, the data will be truncated.
210   *
211   * IRQ management:
212   * """""""""""""""
213   *
214   * .. code-block:: none
215   *
216   *  > irq_intercept_in QOM-PATH
217   *  < OK
218   *
219   * .. code-block:: none
220   *
221   *  > irq_intercept_out QOM-PATH
222   *  < OK
223   *
224   * Attach to the gpio-in (resp. gpio-out) pins exported by the device at
225   * QOM-PATH.  When the pin is triggered, one of the following async messages
226   * will be printed to the qtest stream::
227   *
228   *  IRQ raise NUM
229   *  IRQ lower NUM
230   *
231   * where NUM is an IRQ number.  For the PC, interrupts can be intercepted
232   * simply with "irq_intercept_in ioapic" (note that IRQ0 comes out with
233   * NUM=0 even though it is remapped to GSI 2).
234   *
235   * Setting interrupt level:
236   * """"""""""""""""""""""""
237   *
238   * .. code-block:: none
239   *
240   *  > set_irq_in QOM-PATH NAME NUM LEVEL
241   *  < OK
242   *
243   * where NAME is the name of the irq/gpio list, NUM is an IRQ number and
244   * LEVEL is an signed integer IRQ level.
245   *
246   * Forcibly set the given interrupt pin to the given level.
247   *
248   */
249  
250  static int hex2nib(char ch)
251  {
252      if (ch >= '0' && ch <= '9') {
253          return ch - '0';
254      } else if (ch >= 'a' && ch <= 'f') {
255          return 10 + (ch - 'a');
256      } else if (ch >= 'A' && ch <= 'F') {
257          return 10 + (ch - 'A');
258      } else {
259          return -1;
260      }
261  }
262  
263  void qtest_send_prefix(CharBackend *chr)
264  {
265      if (!qtest_log_fp || !qtest_opened) {
266          return;
267      }
268  
269      fprintf(qtest_log_fp, "[S +" FMT_timeval "] ", g_timer_elapsed(timer, NULL));
270  }
271  
272  static void G_GNUC_PRINTF(1, 2) qtest_log_send(const char *fmt, ...)
273  {
274      va_list ap;
275  
276      if (!qtest_log_fp || !qtest_opened) {
277          return;
278      }
279  
280      qtest_send_prefix(NULL);
281  
282      va_start(ap, fmt);
283      vfprintf(qtest_log_fp, fmt, ap);
284      va_end(ap);
285  }
286  
287  static void qtest_server_char_be_send(void *opaque, const char *str)
288  {
289      size_t len = strlen(str);
290      CharBackend* chr = (CharBackend *)opaque;
291      qemu_chr_fe_write_all(chr, (uint8_t *)str, len);
292      if (qtest_log_fp && qtest_opened) {
293          fprintf(qtest_log_fp, "%s", str);
294      }
295  }
296  
297  static void qtest_send(CharBackend *chr, const char *str)
298  {
299      qtest_server_send(qtest_server_send_opaque, str);
300  }
301  
302  void qtest_sendf(CharBackend *chr, const char *fmt, ...)
303  {
304      va_list ap;
305      gchar *buffer;
306  
307      va_start(ap, fmt);
308      buffer = g_strdup_vprintf(fmt, ap);
309      qtest_send(chr, buffer);
310      g_free(buffer);
311      va_end(ap);
312  }
313  
314  static void qtest_irq_handler(void *opaque, int n, int level)
315  {
316      qemu_irq old_irq = *(qemu_irq *)opaque;
317      qemu_set_irq(old_irq, level);
318  
319      if (irq_levels[n] != level) {
320          CharBackend *chr = &qtest->qtest_chr;
321          irq_levels[n] = level;
322          qtest_send_prefix(chr);
323          qtest_sendf(chr, "IRQ %s %d\n",
324                      level ? "raise" : "lower", n);
325      }
326  }
327  
328  static bool (*process_command_cb)(CharBackend *chr, gchar **words);
329  
330  void qtest_set_command_cb(bool (*pc_cb)(CharBackend *chr, gchar **words))
331  {
332      assert(!process_command_cb);  /* Switch to a list if we need more than one */
333  
334      process_command_cb = pc_cb;
335  }
336  
337  static void qtest_install_gpio_out_intercept(DeviceState *dev, const char *name, int n)
338  {
339      qemu_irq *disconnected = g_new0(qemu_irq, 1);
340      qemu_irq icpt = qemu_allocate_irq(qtest_irq_handler,
341                                        disconnected, n);
342  
343      *disconnected = qdev_intercept_gpio_out(dev, icpt, name, n);
344  }
345  
346  static void qtest_process_command(CharBackend *chr, gchar **words)
347  {
348      const gchar *command;
349  
350      g_assert(words);
351  
352      command = words[0];
353  
354      if (qtest_log_fp) {
355          int i;
356  
357          fprintf(qtest_log_fp, "[R +" FMT_timeval "]", g_timer_elapsed(timer, NULL));
358          for (i = 0; words[i]; i++) {
359              fprintf(qtest_log_fp, " %s", words[i]);
360          }
361          fprintf(qtest_log_fp, "\n");
362      }
363  
364      g_assert(command);
365      if (strcmp(words[0], "irq_intercept_out") == 0
366          || strcmp(words[0], "irq_intercept_in") == 0) {
367          DeviceState *dev;
368          NamedGPIOList *ngl;
369          bool is_named;
370          bool is_outbound;
371          bool interception_succeeded = false;
372  
373          g_assert(words[1]);
374          is_named = words[2] != NULL;
375          is_outbound = words[0][14] == 'o';
376          dev = DEVICE(object_resolve_path(words[1], NULL));
377          if (!dev) {
378              qtest_send_prefix(chr);
379              qtest_send(chr, "FAIL Unknown device\n");
380              return;
381          }
382  
383          if (is_named && !is_outbound) {
384              qtest_send_prefix(chr);
385              qtest_send(chr, "FAIL Interception of named in-GPIOs not yet supported\n");
386              return;
387          }
388  
389          if (irq_intercept_dev) {
390              qtest_send_prefix(chr);
391              if (irq_intercept_dev != dev) {
392                  qtest_send(chr, "FAIL IRQ intercept already enabled\n");
393              } else {
394                  qtest_send(chr, "OK\n");
395              }
396              return;
397          }
398  
399          QLIST_FOREACH(ngl, &dev->gpios, node) {
400              /* We don't support inbound interception of named GPIOs yet */
401              if (is_outbound) {
402                  /* NULL is valid and matchable, for "unnamed GPIO" */
403                  if (g_strcmp0(ngl->name, words[2]) == 0) {
404                      int i;
405                      for (i = 0; i < ngl->num_out; ++i) {
406                          qtest_install_gpio_out_intercept(dev, ngl->name, i);
407                      }
408                      interception_succeeded = true;
409                  }
410              } else {
411                  qemu_irq_intercept_in(ngl->in, qtest_irq_handler,
412                                        ngl->num_in);
413                  interception_succeeded = true;
414              }
415          }
416  
417          qtest_send_prefix(chr);
418          if (interception_succeeded) {
419              irq_intercept_dev = dev;
420              qtest_send(chr, "OK\n");
421          } else {
422              qtest_send(chr, "FAIL No intercepts installed\n");
423          }
424      } else if (strcmp(words[0], "set_irq_in") == 0) {
425          DeviceState *dev;
426          qemu_irq irq;
427          char *name;
428          int ret;
429          int num;
430          int level;
431  
432          g_assert(words[1] && words[2] && words[3] && words[4]);
433  
434          dev = DEVICE(object_resolve_path(words[1], NULL));
435          if (!dev) {
436              qtest_send_prefix(chr);
437              qtest_send(chr, "FAIL Unknown device\n");
438              return;
439          }
440  
441          if (strcmp(words[2], "unnamed-gpio-in") == 0) {
442              name = NULL;
443          } else {
444              name = words[2];
445          }
446  
447          ret = qemu_strtoi(words[3], NULL, 0, &num);
448          g_assert(!ret);
449          ret = qemu_strtoi(words[4], NULL, 0, &level);
450          g_assert(!ret);
451  
452          irq = qdev_get_gpio_in_named(dev, name, num);
453  
454          qemu_set_irq(irq, level);
455          qtest_send_prefix(chr);
456          qtest_send(chr, "OK\n");
457      } else if (strcmp(words[0], "outb") == 0 ||
458                 strcmp(words[0], "outw") == 0 ||
459                 strcmp(words[0], "outl") == 0) {
460          unsigned long addr;
461          unsigned long value;
462          int ret;
463  
464          g_assert(words[1] && words[2]);
465          ret = qemu_strtoul(words[1], NULL, 0, &addr);
466          g_assert(ret == 0);
467          ret = qemu_strtoul(words[2], NULL, 0, &value);
468          g_assert(ret == 0);
469          g_assert(addr <= 0xffff);
470  
471          if (words[0][3] == 'b') {
472              cpu_outb(addr, value);
473          } else if (words[0][3] == 'w') {
474              cpu_outw(addr, value);
475          } else if (words[0][3] == 'l') {
476              cpu_outl(addr, value);
477          }
478          qtest_send_prefix(chr);
479          qtest_send(chr, "OK\n");
480      } else if (strcmp(words[0], "inb") == 0 ||
481          strcmp(words[0], "inw") == 0 ||
482          strcmp(words[0], "inl") == 0) {
483          unsigned long addr;
484          uint32_t value = -1U;
485          int ret;
486  
487          g_assert(words[1]);
488          ret = qemu_strtoul(words[1], NULL, 0, &addr);
489          g_assert(ret == 0);
490          g_assert(addr <= 0xffff);
491  
492          if (words[0][2] == 'b') {
493              value = cpu_inb(addr);
494          } else if (words[0][2] == 'w') {
495              value = cpu_inw(addr);
496          } else if (words[0][2] == 'l') {
497              value = cpu_inl(addr);
498          }
499          qtest_send_prefix(chr);
500          qtest_sendf(chr, "OK 0x%04x\n", value);
501      } else if (strcmp(words[0], "writeb") == 0 ||
502                 strcmp(words[0], "writew") == 0 ||
503                 strcmp(words[0], "writel") == 0 ||
504                 strcmp(words[0], "writeq") == 0) {
505          uint64_t addr;
506          uint64_t value;
507          int ret;
508  
509          g_assert(words[1] && words[2]);
510          ret = qemu_strtou64(words[1], NULL, 0, &addr);
511          g_assert(ret == 0);
512          ret = qemu_strtou64(words[2], NULL, 0, &value);
513          g_assert(ret == 0);
514  
515          if (words[0][5] == 'b') {
516              uint8_t data = value;
517              address_space_write(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED,
518                                  &data, 1);
519          } else if (words[0][5] == 'w') {
520              uint16_t data = value;
521              tswap16s(&data);
522              address_space_write(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED,
523                                  &data, 2);
524          } else if (words[0][5] == 'l') {
525              uint32_t data = value;
526              tswap32s(&data);
527              address_space_write(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED,
528                                  &data, 4);
529          } else if (words[0][5] == 'q') {
530              uint64_t data = value;
531              tswap64s(&data);
532              address_space_write(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED,
533                                  &data, 8);
534          }
535          qtest_send_prefix(chr);
536          qtest_send(chr, "OK\n");
537      } else if (strcmp(words[0], "readb") == 0 ||
538                 strcmp(words[0], "readw") == 0 ||
539                 strcmp(words[0], "readl") == 0 ||
540                 strcmp(words[0], "readq") == 0) {
541          uint64_t addr;
542          uint64_t value = UINT64_C(-1);
543          int ret;
544  
545          g_assert(words[1]);
546          ret = qemu_strtou64(words[1], NULL, 0, &addr);
547          g_assert(ret == 0);
548  
549          if (words[0][4] == 'b') {
550              uint8_t data;
551              address_space_read(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED,
552                                 &data, 1);
553              value = data;
554          } else if (words[0][4] == 'w') {
555              uint16_t data;
556              address_space_read(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED,
557                                 &data, 2);
558              value = tswap16(data);
559          } else if (words[0][4] == 'l') {
560              uint32_t data;
561              address_space_read(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED,
562                                 &data, 4);
563              value = tswap32(data);
564          } else if (words[0][4] == 'q') {
565              address_space_read(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED,
566                                 &value, 8);
567              tswap64s(&value);
568          }
569          qtest_send_prefix(chr);
570          qtest_sendf(chr, "OK 0x%016" PRIx64 "\n", value);
571      } else if (strcmp(words[0], "read") == 0) {
572          g_autoptr(GString) enc = NULL;
573          uint64_t addr, len;
574          uint8_t *data;
575          int ret;
576  
577          g_assert(words[1] && words[2]);
578          ret = qemu_strtou64(words[1], NULL, 0, &addr);
579          g_assert(ret == 0);
580          ret = qemu_strtou64(words[2], NULL, 0, &len);
581          g_assert(ret == 0);
582          /* We'd send garbage to libqtest if len is 0 */
583          g_assert(len);
584  
585          data = g_malloc(len);
586          address_space_read(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED, data,
587                             len);
588  
589          enc = qemu_hexdump_line(NULL, data, len, 0, 0);
590  
591          qtest_send_prefix(chr);
592          qtest_sendf(chr, "OK 0x%s\n", enc->str);
593  
594          g_free(data);
595      } else if (strcmp(words[0], "b64read") == 0) {
596          uint64_t addr, len;
597          uint8_t *data;
598          gchar *b64_data;
599          int ret;
600  
601          g_assert(words[1] && words[2]);
602          ret = qemu_strtou64(words[1], NULL, 0, &addr);
603          g_assert(ret == 0);
604          ret = qemu_strtou64(words[2], NULL, 0, &len);
605          g_assert(ret == 0);
606  
607          data = g_malloc(len);
608          address_space_read(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED, data,
609                             len);
610          b64_data = g_base64_encode(data, len);
611          qtest_send_prefix(chr);
612          qtest_sendf(chr, "OK %s\n", b64_data);
613  
614          g_free(data);
615          g_free(b64_data);
616      } else if (strcmp(words[0], "write") == 0) {
617          uint64_t addr, len, i;
618          uint8_t *data;
619          size_t data_len;
620          int ret;
621  
622          g_assert(words[1] && words[2] && words[3]);
623          ret = qemu_strtou64(words[1], NULL, 0, &addr);
624          g_assert(ret == 0);
625          ret = qemu_strtou64(words[2], NULL, 0, &len);
626          g_assert(ret == 0);
627  
628          data_len = strlen(words[3]);
629          if (data_len < 3) {
630              qtest_send(chr, "ERR invalid argument size\n");
631              return;
632          }
633  
634          data = g_malloc(len);
635          for (i = 0; i < len; i++) {
636              if ((i * 2 + 4) <= data_len) {
637                  data[i] = hex2nib(words[3][i * 2 + 2]) << 4;
638                  data[i] |= hex2nib(words[3][i * 2 + 3]);
639              } else {
640                  data[i] = 0;
641              }
642          }
643          address_space_write(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED, data,
644                              len);
645          g_free(data);
646  
647          qtest_send_prefix(chr);
648          qtest_send(chr, "OK\n");
649      } else if (strcmp(words[0], "memset") == 0) {
650          uint64_t addr, len;
651          uint8_t *data;
652          unsigned long pattern;
653          int ret;
654  
655          g_assert(words[1] && words[2] && words[3]);
656          ret = qemu_strtou64(words[1], NULL, 0, &addr);
657          g_assert(ret == 0);
658          ret = qemu_strtou64(words[2], NULL, 0, &len);
659          g_assert(ret == 0);
660          ret = qemu_strtoul(words[3], NULL, 0, &pattern);
661          g_assert(ret == 0);
662  
663          if (len) {
664              data = g_malloc(len);
665              memset(data, pattern, len);
666              address_space_write(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED,
667                                  data, len);
668              g_free(data);
669          }
670  
671          qtest_send_prefix(chr);
672          qtest_send(chr, "OK\n");
673      }  else if (strcmp(words[0], "b64write") == 0) {
674          uint64_t addr, len;
675          uint8_t *data;
676          size_t data_len;
677          gsize out_len;
678          int ret;
679  
680          g_assert(words[1] && words[2] && words[3]);
681          ret = qemu_strtou64(words[1], NULL, 0, &addr);
682          g_assert(ret == 0);
683          ret = qemu_strtou64(words[2], NULL, 0, &len);
684          g_assert(ret == 0);
685  
686          data_len = strlen(words[3]);
687          if (data_len < 3) {
688              qtest_send(chr, "ERR invalid argument size\n");
689              return;
690          }
691  
692          data = g_base64_decode_inplace(words[3], &out_len);
693          if (out_len != len) {
694              qtest_log_send("b64write: data length mismatch (told %"PRIu64", "
695                             "found %zu)\n",
696                             len, out_len);
697              out_len = MIN(out_len, len);
698          }
699  
700          address_space_write(first_cpu->as, addr, MEMTXATTRS_UNSPECIFIED, data,
701                              len);
702  
703          qtest_send_prefix(chr);
704          qtest_send(chr, "OK\n");
705      } else if (strcmp(words[0], "endianness") == 0) {
706          qtest_send_prefix(chr);
707          if (target_words_bigendian()) {
708              qtest_sendf(chr, "OK big\n");
709          } else {
710              qtest_sendf(chr, "OK little\n");
711          }
712      } else if (qtest_enabled() && strcmp(words[0], "clock_step") == 0) {
713          int64_t ns;
714  
715          if (words[1]) {
716              int ret = qemu_strtoi64(words[1], NULL, 0, &ns);
717              g_assert(ret == 0);
718          } else {
719              ns = qemu_clock_deadline_ns_all(QEMU_CLOCK_VIRTUAL,
720                                              QEMU_TIMER_ATTR_ALL);
721          }
722          qemu_clock_advance_virtual_time(
723              qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + ns);
724          qtest_send_prefix(chr);
725          qtest_sendf(chr, "OK %"PRIi64"\n",
726                      (int64_t)qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL));
727      } else if (strcmp(words[0], "module_load") == 0) {
728          Error *local_err = NULL;
729          int rv;
730          g_assert(words[1] && words[2]);
731  
732          qtest_send_prefix(chr);
733          rv = module_load(words[1], words[2], &local_err);
734          if (rv > 0) {
735              qtest_sendf(chr, "OK\n");
736          } else {
737              if (rv < 0) {
738                  error_report_err(local_err);
739              }
740              qtest_sendf(chr, "FAIL\n");
741          }
742      } else if (qtest_enabled() && strcmp(words[0], "clock_set") == 0) {
743          int64_t ns;
744          int ret;
745  
746          g_assert(words[1]);
747          ret = qemu_strtoi64(words[1], NULL, 0, &ns);
748          g_assert(ret == 0);
749          qemu_clock_advance_virtual_time(ns);
750          qtest_send_prefix(chr);
751          qtest_sendf(chr, "OK %"PRIi64"\n",
752                      (int64_t)qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL));
753      } else if (process_command_cb && process_command_cb(chr, words)) {
754          /* Command got consumed by the callback handler */
755      } else {
756          qtest_send_prefix(chr);
757          qtest_sendf(chr, "FAIL Unknown command '%s'\n", words[0]);
758      }
759  }
760  
761  static void qtest_process_inbuf(CharBackend *chr, GString *inbuf)
762  {
763      char *end;
764  
765      while ((end = strchr(inbuf->str, '\n')) != NULL) {
766          size_t offset;
767          GString *cmd;
768          gchar **words;
769  
770          offset = end - inbuf->str;
771  
772          cmd = g_string_new_len(inbuf->str, offset);
773          g_string_erase(inbuf, 0, offset + 1);
774  
775          words = g_strsplit(cmd->str, " ", 0);
776          qtest_process_command(chr, words);
777          g_strfreev(words);
778  
779          g_string_free(cmd, TRUE);
780      }
781  }
782  
783  static void qtest_read(void *opaque, const uint8_t *buf, int size)
784  {
785      CharBackend *chr = opaque;
786  
787      g_string_append_len(inbuf, (const gchar *)buf, size);
788      qtest_process_inbuf(chr, inbuf);
789  }
790  
791  static int qtest_can_read(void *opaque)
792  {
793      return 1024;
794  }
795  
796  static void qtest_event(void *opaque, QEMUChrEvent event)
797  {
798      int i;
799  
800      switch (event) {
801      case CHR_EVENT_OPENED:
802          /*
803           * We used to call qemu_system_reset() here, hoping we could
804           * use the same process for multiple tests that way.  Never
805           * used.  Injects an extra reset even when it's not used, and
806           * that can mess up tests, e.g. -boot once.
807           */
808          for (i = 0; i < ARRAY_SIZE(irq_levels); i++) {
809              irq_levels[i] = 0;
810          }
811  
812          g_clear_pointer(&timer, g_timer_destroy);
813          timer = g_timer_new();
814          qtest_opened = true;
815          if (qtest_log_fp) {
816              fprintf(qtest_log_fp, "[I " FMT_timeval "] OPENED\n", g_timer_elapsed(timer, NULL));
817          }
818          break;
819      case CHR_EVENT_CLOSED:
820          qtest_opened = false;
821          if (qtest_log_fp) {
822              fprintf(qtest_log_fp, "[I +" FMT_timeval "] CLOSED\n", g_timer_elapsed(timer, NULL));
823          }
824          g_clear_pointer(&timer, g_timer_destroy);
825          break;
826      default:
827          break;
828      }
829  }
830  
831  void qtest_server_init(const char *qtest_chrdev, const char *qtest_log, Error **errp)
832  {
833      ERRP_GUARD();
834      Chardev *chr;
835      Object *qobj;
836  
837      chr = qemu_chr_new("qtest", qtest_chrdev, NULL);
838      if (chr == NULL) {
839          error_setg(errp, "Failed to initialize device for qtest: \"%s\"",
840                     qtest_chrdev);
841          return;
842      }
843  
844      qobj = object_new(TYPE_QTEST);
845      object_property_set_str(qobj, "chardev", chr->label, &error_abort);
846      if (qtest_log) {
847          object_property_set_str(qobj, "log", qtest_log, &error_abort);
848      }
849      object_property_add_child(qdev_get_machine(), "qtest", qobj);
850      user_creatable_complete(USER_CREATABLE(qobj), errp);
851      if (*errp) {
852          object_unparent(qobj);
853      }
854      object_unref(OBJECT(chr));
855      object_unref(qobj);
856  }
857  
858  static bool qtest_server_start(QTest *q, Error **errp)
859  {
860      Chardev *chr = q->chr;
861      const char *qtest_log = q->log;
862  
863      if (qtest_log) {
864          if (strcmp(qtest_log, "none") != 0) {
865              qtest_log_fp = fopen(qtest_log, "w+");
866          }
867      } else {
868          qtest_log_fp = stderr;
869      }
870  
871      if (!qemu_chr_fe_init(&q->qtest_chr, chr, errp)) {
872          return false;
873      }
874      qemu_chr_fe_set_handlers(&q->qtest_chr, qtest_can_read, qtest_read,
875                               qtest_event, NULL, &q->qtest_chr, NULL, true);
876      qemu_chr_fe_set_echo(&q->qtest_chr, true);
877  
878      inbuf = g_string_new("");
879  
880      if (!qtest_server_send) {
881          qtest_server_set_send_handler(qtest_server_char_be_send, &q->qtest_chr);
882      }
883      qtest = q;
884      return true;
885  }
886  
887  void qtest_server_set_send_handler(void (*send)(void*, const char*),
888                                     void *opaque)
889  {
890      qtest_server_send = send;
891      qtest_server_send_opaque = opaque;
892  }
893  
894  bool qtest_driver(void)
895  {
896      return qtest && qtest->qtest_chr.chr != NULL;
897  }
898  
899  void qtest_server_inproc_recv(void *dummy, const char *buf)
900  {
901      static GString *gstr;
902      if (!gstr) {
903          gstr = g_string_new(NULL);
904      }
905      g_string_append(gstr, buf);
906      if (gstr->str[gstr->len - 1] == '\n') {
907          qtest_process_inbuf(NULL, gstr);
908          g_string_truncate(gstr, 0);
909      }
910  }
911  
912  static void qtest_complete(UserCreatable *uc, Error **errp)
913  {
914      QTest *q = QTEST(uc);
915      if (qtest) {
916          error_setg(errp, "Only one instance of qtest can be created");
917          return;
918      }
919      if (!q->chr_name) {
920          error_setg(errp, "No backend specified");
921          return;
922      }
923  
924      if (OBJECT(uc)->parent != qdev_get_machine()) {
925          q->has_machine_link = true;
926          object_property_add_const_link(qdev_get_machine(), "qtest", OBJECT(uc));
927      } else {
928          /* -qtest was used.  */
929      }
930  
931      qtest_server_start(q, errp);
932  }
933  
934  static void qtest_unparent(Object *obj)
935  {
936      QTest *q = QTEST(obj);
937  
938      if (qtest == q) {
939          qemu_chr_fe_disconnect(&q->qtest_chr);
940          assert(!qtest_opened);
941          qemu_chr_fe_deinit(&q->qtest_chr, false);
942          if (qtest_log_fp) {
943              fclose(qtest_log_fp);
944              qtest_log_fp = NULL;
945          }
946          qtest = NULL;
947      }
948  
949      if (q->has_machine_link) {
950          object_property_del(qdev_get_machine(), "qtest");
951          q->has_machine_link = false;
952      }
953  }
954  
955  static void qtest_set_log(Object *obj, const char *value, Error **errp)
956  {
957      QTest *q = QTEST(obj);
958  
959      if (qtest == q) {
960          error_setg(errp, "Property 'log' can not be set now");
961      } else {
962          g_free(q->log);
963          q->log = g_strdup(value);
964      }
965  }
966  
967  static char *qtest_get_log(Object *obj, Error **errp)
968  {
969      QTest *q = QTEST(obj);
970  
971      return g_strdup(q->log);
972  }
973  
974  static void qtest_set_chardev(Object *obj, const char *value, Error **errp)
975  {
976      QTest *q = QTEST(obj);
977      Chardev *chr;
978  
979      if (qtest == q) {
980          error_setg(errp, "Property 'chardev' can not be set now");
981          return;
982      }
983  
984      chr = qemu_chr_find(value);
985      if (!chr) {
986          error_setg(errp, "Cannot find character device '%s'", value);
987          return;
988      }
989  
990      g_free(q->chr_name);
991      q->chr_name = g_strdup(value);
992  
993      if (q->chr) {
994          object_unref(q->chr);
995      }
996      q->chr = chr;
997      object_ref(chr);
998  }
999  
1000  static char *qtest_get_chardev(Object *obj, Error **errp)
1001  {
1002      QTest *q = QTEST(obj);
1003  
1004      return g_strdup(q->chr_name);
1005  }
1006  
1007  static void qtest_class_init(ObjectClass *oc, void *data)
1008  {
1009      UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
1010  
1011      oc->unparent = qtest_unparent;
1012      ucc->complete = qtest_complete;
1013  
1014      object_class_property_add_str(oc, "chardev",
1015                                    qtest_get_chardev, qtest_set_chardev);
1016      object_class_property_add_str(oc, "log",
1017                                    qtest_get_log, qtest_set_log);
1018  }
1019  
1020  static const TypeInfo qtest_info = {
1021      .name = TYPE_QTEST,
1022      .parent = TYPE_OBJECT,
1023      .class_init = qtest_class_init,
1024      .instance_size = sizeof(QTest),
1025      .interfaces = (InterfaceInfo[]) {
1026          { TYPE_USER_CREATABLE },
1027          { }
1028      }
1029  };
1030  
1031  static void register_types(void)
1032  {
1033      type_register_static(&qtest_info);
1034  }
1035  
1036  type_init(register_types);
1037