xref: /openbmc/qemu/tests/qtest/libqtest.c (revision 448058aa)
1 /*
2  * QTest
3  *
4  * Copyright IBM, Corp. 2012
5  * Copyright Red Hat, Inc. 2012
6  * Copyright SUSE LINUX Products GmbH 2013
7  *
8  * Authors:
9  *  Anthony Liguori   <aliguori@us.ibm.com>
10  *  Paolo Bonzini     <pbonzini@redhat.com>
11  *  Andreas Färber    <afaerber@suse.de>
12  *
13  * This work is licensed under the terms of the GNU GPL, version 2 or later.
14  * See the COPYING file in the top-level directory.
15  */
16 
17 #include "qemu/osdep.h"
18 
19 #include <sys/socket.h>
20 #include <sys/wait.h>
21 #include <sys/un.h>
22 
23 #include "libqos/libqtest.h"
24 #include "qemu-common.h"
25 #include "qemu/ctype.h"
26 #include "qemu/cutils.h"
27 #include "qapi/error.h"
28 #include "qapi/qmp/json-parser.h"
29 #include "qapi/qmp/qdict.h"
30 #include "qapi/qmp/qjson.h"
31 #include "qapi/qmp/qlist.h"
32 #include "qapi/qmp/qstring.h"
33 
34 #define MAX_IRQ 256
35 #define SOCKET_TIMEOUT 50
36 #define SOCKET_MAX_FDS 16
37 
38 
39 typedef void (*QTestSendFn)(QTestState *s, const char *buf);
40 typedef void (*ExternalSendFn)(void *s, const char *buf);
41 typedef GString* (*QTestRecvFn)(QTestState *);
42 
43 typedef struct QTestClientTransportOps {
44     QTestSendFn     send;      /* for sending qtest commands */
45 
46     /*
47      * use external_send to send qtest command strings through functions which
48      * do not accept a QTestState as the first parameter.
49      */
50     ExternalSendFn  external_send;
51 
52     QTestRecvFn     recv_line; /* for receiving qtest command responses */
53 } QTestTransportOps;
54 
55 struct QTestState
56 {
57     int fd;
58     int qmp_fd;
59     pid_t qemu_pid;  /* our child QEMU process */
60     int wstatus;
61     int expected_status;
62     bool big_endian;
63     bool irq_level[MAX_IRQ];
64     GString *rx;
65     QTestTransportOps ops;
66 };
67 
68 static GHookList abrt_hooks;
69 static struct sigaction sigact_old;
70 
71 static int qtest_query_target_endianness(QTestState *s);
72 
73 static void qtest_client_socket_send(QTestState*, const char *buf);
74 static void socket_send(int fd, const char *buf, size_t size);
75 
76 static GString *qtest_client_socket_recv_line(QTestState *);
77 
78 static void qtest_client_set_tx_handler(QTestState *s, QTestSendFn send);
79 static void qtest_client_set_rx_handler(QTestState *s, QTestRecvFn recv);
80 
81 static int init_socket(const char *socket_path)
82 {
83     struct sockaddr_un addr;
84     int sock;
85     int ret;
86 
87     sock = socket(PF_UNIX, SOCK_STREAM, 0);
88     g_assert_cmpint(sock, !=, -1);
89 
90     addr.sun_family = AF_UNIX;
91     snprintf(addr.sun_path, sizeof(addr.sun_path), "%s", socket_path);
92     qemu_set_cloexec(sock);
93 
94     do {
95         ret = bind(sock, (struct sockaddr *)&addr, sizeof(addr));
96     } while (ret == -1 && errno == EINTR);
97     g_assert_cmpint(ret, !=, -1);
98     ret = listen(sock, 1);
99     g_assert_cmpint(ret, !=, -1);
100 
101     return sock;
102 }
103 
104 static int socket_accept(int sock)
105 {
106     struct sockaddr_un addr;
107     socklen_t addrlen;
108     int ret;
109     struct timeval timeout = { .tv_sec = SOCKET_TIMEOUT,
110                                .tv_usec = 0 };
111 
112     setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, (void *)&timeout,
113                sizeof(timeout));
114 
115     do {
116         addrlen = sizeof(addr);
117         ret = accept(sock, (struct sockaddr *)&addr, &addrlen);
118     } while (ret == -1 && errno == EINTR);
119     if (ret == -1) {
120         fprintf(stderr, "%s failed: %s\n", __func__, strerror(errno));
121     }
122     close(sock);
123 
124     return ret;
125 }
126 
127 bool qtest_probe_child(QTestState *s)
128 {
129     pid_t pid = s->qemu_pid;
130 
131     if (pid != -1) {
132         pid = waitpid(pid, &s->wstatus, WNOHANG);
133         if (pid == 0) {
134             return true;
135         }
136         s->qemu_pid = -1;
137     }
138     return false;
139 }
140 
141 void qtest_set_expected_status(QTestState *s, int status)
142 {
143     s->expected_status = status;
144 }
145 
146 static void kill_qemu(QTestState *s)
147 {
148     pid_t pid = s->qemu_pid;
149     int wstatus;
150 
151     /* Skip wait if qtest_probe_child already reaped.  */
152     if (pid != -1) {
153         kill(pid, SIGTERM);
154         TFR(pid = waitpid(s->qemu_pid, &s->wstatus, 0));
155         assert(pid == s->qemu_pid);
156     }
157 
158     /*
159      * Check whether qemu exited with expected exit status; anything else is
160      * fishy and should be logged with as much detail as possible.
161      */
162     wstatus = s->wstatus;
163     if (WIFEXITED(wstatus) && WEXITSTATUS(wstatus) != s->expected_status) {
164         fprintf(stderr, "%s:%d: kill_qemu() tried to terminate QEMU "
165                 "process but encountered exit status %d (expected %d)\n",
166                 __FILE__, __LINE__, WEXITSTATUS(wstatus), s->expected_status);
167         abort();
168     } else if (WIFSIGNALED(wstatus)) {
169         int sig = WTERMSIG(wstatus);
170         const char *signame = strsignal(sig) ?: "unknown ???";
171         const char *dump = WCOREDUMP(wstatus) ? " (core dumped)" : "";
172 
173         fprintf(stderr, "%s:%d: kill_qemu() detected QEMU death "
174                 "from signal %d (%s)%s\n",
175                 __FILE__, __LINE__, sig, signame, dump);
176         abort();
177     }
178 }
179 
180 static void kill_qemu_hook_func(void *s)
181 {
182     kill_qemu(s);
183 }
184 
185 static void sigabrt_handler(int signo)
186 {
187     g_hook_list_invoke(&abrt_hooks, FALSE);
188 }
189 
190 static void setup_sigabrt_handler(void)
191 {
192     struct sigaction sigact;
193 
194     /* Catch SIGABRT to clean up on g_assert() failure */
195     sigact = (struct sigaction){
196         .sa_handler = sigabrt_handler,
197         .sa_flags = SA_RESETHAND,
198     };
199     sigemptyset(&sigact.sa_mask);
200     sigaction(SIGABRT, &sigact, &sigact_old);
201 }
202 
203 static void cleanup_sigabrt_handler(void)
204 {
205     sigaction(SIGABRT, &sigact_old, NULL);
206 }
207 
208 void qtest_add_abrt_handler(GHookFunc fn, const void *data)
209 {
210     GHook *hook;
211 
212     /* Only install SIGABRT handler once */
213     if (!abrt_hooks.is_setup) {
214         g_hook_list_init(&abrt_hooks, sizeof(GHook));
215     }
216     setup_sigabrt_handler();
217 
218     hook = g_hook_alloc(&abrt_hooks);
219     hook->func = fn;
220     hook->data = (void *)data;
221 
222     g_hook_prepend(&abrt_hooks, hook);
223 }
224 
225 static const char *qtest_qemu_binary(void)
226 {
227     const char *qemu_bin;
228 
229     qemu_bin = getenv("QTEST_QEMU_BINARY");
230     if (!qemu_bin) {
231         fprintf(stderr, "Environment variable QTEST_QEMU_BINARY required\n");
232         exit(1);
233     }
234 
235     return qemu_bin;
236 }
237 
238 QTestState *qtest_init_without_qmp_handshake(const char *extra_args)
239 {
240     QTestState *s;
241     int sock, qmpsock, i;
242     gchar *socket_path;
243     gchar *qmp_socket_path;
244     gchar *command;
245     const char *qemu_binary = qtest_qemu_binary();
246 
247     s = g_new(QTestState, 1);
248 
249     socket_path = g_strdup_printf("/tmp/qtest-%d.sock", getpid());
250     qmp_socket_path = g_strdup_printf("/tmp/qtest-%d.qmp", getpid());
251 
252     /* It's possible that if an earlier test run crashed it might
253      * have left a stale unix socket lying around. Delete any
254      * stale old socket to avoid spurious test failures with
255      * tests/libqtest.c:70:init_socket: assertion failed (ret != -1): (-1 != -1)
256      */
257     unlink(socket_path);
258     unlink(qmp_socket_path);
259 
260     sock = init_socket(socket_path);
261     qmpsock = init_socket(qmp_socket_path);
262 
263     qtest_client_set_rx_handler(s, qtest_client_socket_recv_line);
264     qtest_client_set_tx_handler(s, qtest_client_socket_send);
265 
266     qtest_add_abrt_handler(kill_qemu_hook_func, s);
267 
268     command = g_strdup_printf("exec %s "
269                               "-qtest unix:%s "
270                               "-qtest-log %s "
271                               "-chardev socket,path=%s,id=char0 "
272                               "-mon chardev=char0,mode=control "
273                               "-display none "
274                               "%s"
275                               " -accel qtest", qemu_binary, socket_path,
276                               getenv("QTEST_LOG") ? "/dev/fd/2" : "/dev/null",
277                               qmp_socket_path,
278                               extra_args ?: "");
279 
280     g_test_message("starting QEMU: %s", command);
281 
282     s->wstatus = 0;
283     s->expected_status = 0;
284     s->qemu_pid = fork();
285     if (s->qemu_pid == 0) {
286         g_setenv("QEMU_AUDIO_DRV", "none", true);
287         execlp("/bin/sh", "sh", "-c", command, NULL);
288         exit(1);
289     }
290 
291     g_free(command);
292     s->fd = socket_accept(sock);
293     if (s->fd >= 0) {
294         s->qmp_fd = socket_accept(qmpsock);
295     }
296     unlink(socket_path);
297     unlink(qmp_socket_path);
298     g_free(socket_path);
299     g_free(qmp_socket_path);
300 
301     g_assert(s->fd >= 0 && s->qmp_fd >= 0);
302 
303     s->rx = g_string_new("");
304     for (i = 0; i < MAX_IRQ; i++) {
305         s->irq_level[i] = false;
306     }
307 
308     if (getenv("QTEST_STOP")) {
309         kill(s->qemu_pid, SIGSTOP);
310     }
311 
312     /* ask endianness of the target */
313 
314     s->big_endian = qtest_query_target_endianness(s);
315 
316     return s;
317 }
318 
319 QTestState *qtest_init(const char *extra_args)
320 {
321     QTestState *s = qtest_init_without_qmp_handshake(extra_args);
322     QDict *greeting;
323 
324     /* Read the QMP greeting and then do the handshake */
325     greeting = qtest_qmp_receive(s);
326     qobject_unref(greeting);
327     qobject_unref(qtest_qmp(s, "{ 'execute': 'qmp_capabilities' }"));
328 
329     return s;
330 }
331 
332 QTestState *qtest_vinitf(const char *fmt, va_list ap)
333 {
334     char *args = g_strdup_vprintf(fmt, ap);
335     QTestState *s;
336 
337     s = qtest_init(args);
338     g_free(args);
339     return s;
340 }
341 
342 QTestState *qtest_initf(const char *fmt, ...)
343 {
344     va_list ap;
345     QTestState *s;
346 
347     va_start(ap, fmt);
348     s = qtest_vinitf(fmt, ap);
349     va_end(ap);
350     return s;
351 }
352 
353 QTestState *qtest_init_with_serial(const char *extra_args, int *sock_fd)
354 {
355     int sock_fd_init;
356     char *sock_path, sock_dir[] = "/tmp/qtest-serial-XXXXXX";
357     QTestState *qts;
358 
359     g_assert_true(mkdtemp(sock_dir) != NULL);
360     sock_path = g_strdup_printf("%s/sock", sock_dir);
361 
362     sock_fd_init = init_socket(sock_path);
363 
364     qts = qtest_initf("-chardev socket,id=s0,path=%s -serial chardev:s0 %s",
365                       sock_path, extra_args);
366 
367     *sock_fd = socket_accept(sock_fd_init);
368 
369     unlink(sock_path);
370     g_free(sock_path);
371     rmdir(sock_dir);
372 
373     g_assert_true(*sock_fd >= 0);
374 
375     return qts;
376 }
377 
378 void qtest_quit(QTestState *s)
379 {
380     g_hook_destroy_link(&abrt_hooks, g_hook_find_data(&abrt_hooks, TRUE, s));
381 
382     /* Uninstall SIGABRT handler on last instance */
383     cleanup_sigabrt_handler();
384 
385     kill_qemu(s);
386     close(s->fd);
387     close(s->qmp_fd);
388     g_string_free(s->rx, true);
389     g_free(s);
390 }
391 
392 static void socket_send(int fd, const char *buf, size_t size)
393 {
394     size_t offset;
395 
396     offset = 0;
397     while (offset < size) {
398         ssize_t len;
399 
400         len = write(fd, buf + offset, size - offset);
401         if (len == -1 && errno == EINTR) {
402             continue;
403         }
404 
405         g_assert_cmpint(len, >, 0);
406 
407         offset += len;
408     }
409 }
410 
411 static void qtest_client_socket_send(QTestState *s, const char *buf)
412 {
413     socket_send(s->fd, buf, strlen(buf));
414 }
415 
416 static void GCC_FMT_ATTR(2, 3) qtest_sendf(QTestState *s, const char *fmt, ...)
417 {
418     va_list ap;
419 
420     va_start(ap, fmt);
421     gchar *str = g_strdup_vprintf(fmt, ap);
422     va_end(ap);
423 
424     s->ops.send(s, str);
425     g_free(str);
426 }
427 
428 /* Sends a message and file descriptors to the socket.
429  * It's needed for qmp-commands like getfd/add-fd */
430 static void socket_send_fds(int socket_fd, int *fds, size_t fds_num,
431                             const char *buf, size_t buf_size)
432 {
433     ssize_t ret;
434     struct msghdr msg = { 0 };
435     char control[CMSG_SPACE(sizeof(int) * SOCKET_MAX_FDS)] = { 0 };
436     size_t fdsize = sizeof(int) * fds_num;
437     struct cmsghdr *cmsg;
438     struct iovec iov = { .iov_base = (char *)buf, .iov_len = buf_size };
439 
440     msg.msg_iov = &iov;
441     msg.msg_iovlen = 1;
442 
443     if (fds && fds_num > 0) {
444         g_assert_cmpuint(fds_num, <, SOCKET_MAX_FDS);
445 
446         msg.msg_control = control;
447         msg.msg_controllen = CMSG_SPACE(fdsize);
448 
449         cmsg = CMSG_FIRSTHDR(&msg);
450         cmsg->cmsg_len = CMSG_LEN(fdsize);
451         cmsg->cmsg_level = SOL_SOCKET;
452         cmsg->cmsg_type = SCM_RIGHTS;
453         memcpy(CMSG_DATA(cmsg), fds, fdsize);
454     }
455 
456     do {
457         ret = sendmsg(socket_fd, &msg, 0);
458     } while (ret < 0 && errno == EINTR);
459     g_assert_cmpint(ret, >, 0);
460 }
461 
462 static GString *qtest_client_socket_recv_line(QTestState *s)
463 {
464     GString *line;
465     size_t offset;
466     char *eol;
467 
468     while ((eol = strchr(s->rx->str, '\n')) == NULL) {
469         ssize_t len;
470         char buffer[1024];
471 
472         len = read(s->fd, buffer, sizeof(buffer));
473         if (len == -1 && errno == EINTR) {
474             continue;
475         }
476 
477         if (len == -1 || len == 0) {
478             fprintf(stderr, "Broken pipe\n");
479             abort();
480         }
481 
482         g_string_append_len(s->rx, buffer, len);
483     }
484 
485     offset = eol - s->rx->str;
486     line = g_string_new_len(s->rx->str, offset);
487     g_string_erase(s->rx, 0, offset + 1);
488 
489     return line;
490 }
491 
492 static gchar **qtest_rsp(QTestState *s, int expected_args)
493 {
494     GString *line;
495     gchar **words;
496     int i;
497 
498 redo:
499     line = s->ops.recv_line(s);
500     words = g_strsplit(line->str, " ", 0);
501     g_string_free(line, TRUE);
502 
503     if (strcmp(words[0], "IRQ") == 0) {
504         long irq;
505         int ret;
506 
507         g_assert(words[1] != NULL);
508         g_assert(words[2] != NULL);
509 
510         ret = qemu_strtol(words[2], NULL, 0, &irq);
511         g_assert(!ret);
512         g_assert_cmpint(irq, >=, 0);
513         g_assert_cmpint(irq, <, MAX_IRQ);
514 
515         if (strcmp(words[1], "raise") == 0) {
516             s->irq_level[irq] = true;
517         } else {
518             s->irq_level[irq] = false;
519         }
520 
521         g_strfreev(words);
522         goto redo;
523     }
524 
525     g_assert(words[0] != NULL);
526     g_assert_cmpstr(words[0], ==, "OK");
527 
528     if (expected_args) {
529         for (i = 0; i < expected_args; i++) {
530             g_assert(words[i] != NULL);
531         }
532     } else {
533         g_strfreev(words);
534     }
535 
536     return words;
537 }
538 
539 static int qtest_query_target_endianness(QTestState *s)
540 {
541     gchar **args;
542     int big_endian;
543 
544     qtest_sendf(s, "endianness\n");
545     args = qtest_rsp(s, 1);
546     g_assert(strcmp(args[1], "big") == 0 || strcmp(args[1], "little") == 0);
547     big_endian = strcmp(args[1], "big") == 0;
548     g_strfreev(args);
549 
550     return big_endian;
551 }
552 
553 typedef struct {
554     JSONMessageParser parser;
555     QDict *response;
556 } QMPResponseParser;
557 
558 static void qmp_response(void *opaque, QObject *obj, Error *err)
559 {
560     QMPResponseParser *qmp = opaque;
561 
562     assert(!obj != !err);
563 
564     if (err) {
565         error_prepend(&err, "QMP JSON response parsing failed: ");
566         error_report_err(err);
567         abort();
568     }
569 
570     g_assert(!qmp->response);
571     qmp->response = qobject_to(QDict, obj);
572     g_assert(qmp->response);
573 }
574 
575 QDict *qmp_fd_receive(int fd)
576 {
577     QMPResponseParser qmp;
578     bool log = getenv("QTEST_LOG") != NULL;
579 
580     qmp.response = NULL;
581     json_message_parser_init(&qmp.parser, qmp_response, &qmp, NULL);
582     while (!qmp.response) {
583         ssize_t len;
584         char c;
585 
586         len = read(fd, &c, 1);
587         if (len == -1 && errno == EINTR) {
588             continue;
589         }
590 
591         if (len == -1 || len == 0) {
592             fprintf(stderr, "Broken pipe\n");
593             abort();
594         }
595 
596         if (log) {
597             len = write(2, &c, 1);
598         }
599         json_message_parser_feed(&qmp.parser, &c, 1);
600     }
601     json_message_parser_destroy(&qmp.parser);
602 
603     return qmp.response;
604 }
605 
606 QDict *qtest_qmp_receive(QTestState *s)
607 {
608     return qmp_fd_receive(s->qmp_fd);
609 }
610 
611 /**
612  * Allow users to send a message without waiting for the reply,
613  * in the case that they choose to discard all replies up until
614  * a particular EVENT is received.
615  */
616 void qmp_fd_vsend_fds(int fd, int *fds, size_t fds_num,
617                       const char *fmt, va_list ap)
618 {
619     QObject *qobj;
620 
621     /* Going through qobject ensures we escape strings properly */
622     qobj = qobject_from_vjsonf_nofail(fmt, ap);
623 
624     /* No need to send anything for an empty QObject.  */
625     if (qobj) {
626         int log = getenv("QTEST_LOG") != NULL;
627         QString *qstr = qobject_to_json(qobj);
628         const char *str;
629 
630         /*
631          * BUG: QMP doesn't react to input until it sees a newline, an
632          * object, or an array.  Work-around: give it a newline.
633          */
634         qstring_append_chr(qstr, '\n');
635         str = qstring_get_str(qstr);
636 
637         if (log) {
638             fprintf(stderr, "%s", str);
639         }
640         /* Send QMP request */
641         if (fds && fds_num > 0) {
642             socket_send_fds(fd, fds, fds_num, str, qstring_get_length(qstr));
643         } else {
644             socket_send(fd, str, qstring_get_length(qstr));
645         }
646 
647         qobject_unref(qstr);
648         qobject_unref(qobj);
649     }
650 }
651 
652 void qmp_fd_vsend(int fd, const char *fmt, va_list ap)
653 {
654     qmp_fd_vsend_fds(fd, NULL, 0, fmt, ap);
655 }
656 
657 void qtest_qmp_vsend_fds(QTestState *s, int *fds, size_t fds_num,
658                          const char *fmt, va_list ap)
659 {
660     qmp_fd_vsend_fds(s->qmp_fd, fds, fds_num, fmt, ap);
661 }
662 
663 void qtest_qmp_vsend(QTestState *s, const char *fmt, va_list ap)
664 {
665     qmp_fd_vsend_fds(s->qmp_fd, NULL, 0, fmt, ap);
666 }
667 
668 QDict *qmp_fdv(int fd, const char *fmt, va_list ap)
669 {
670     qmp_fd_vsend_fds(fd, NULL, 0, fmt, ap);
671 
672     return qmp_fd_receive(fd);
673 }
674 
675 QDict *qtest_vqmp_fds(QTestState *s, int *fds, size_t fds_num,
676                       const char *fmt, va_list ap)
677 {
678     qtest_qmp_vsend_fds(s, fds, fds_num, fmt, ap);
679 
680     /* Receive reply */
681     return qtest_qmp_receive(s);
682 }
683 
684 QDict *qtest_vqmp(QTestState *s, const char *fmt, va_list ap)
685 {
686     qtest_qmp_vsend(s, fmt, ap);
687 
688     /* Receive reply */
689     return qtest_qmp_receive(s);
690 }
691 
692 QDict *qmp_fd(int fd, const char *fmt, ...)
693 {
694     va_list ap;
695     QDict *response;
696 
697     va_start(ap, fmt);
698     response = qmp_fdv(fd, fmt, ap);
699     va_end(ap);
700     return response;
701 }
702 
703 void qmp_fd_send(int fd, const char *fmt, ...)
704 {
705     va_list ap;
706 
707     va_start(ap, fmt);
708     qmp_fd_vsend(fd, fmt, ap);
709     va_end(ap);
710 }
711 
712 QDict *qtest_qmp_fds(QTestState *s, int *fds, size_t fds_num,
713                      const char *fmt, ...)
714 {
715     va_list ap;
716     QDict *response;
717 
718     va_start(ap, fmt);
719     response = qtest_vqmp_fds(s, fds, fds_num, fmt, ap);
720     va_end(ap);
721     return response;
722 }
723 
724 QDict *qtest_qmp(QTestState *s, const char *fmt, ...)
725 {
726     va_list ap;
727     QDict *response;
728 
729     va_start(ap, fmt);
730     response = qtest_vqmp(s, fmt, ap);
731     va_end(ap);
732     return response;
733 }
734 
735 void qtest_qmp_send(QTestState *s, const char *fmt, ...)
736 {
737     va_list ap;
738 
739     va_start(ap, fmt);
740     qtest_qmp_vsend(s, fmt, ap);
741     va_end(ap);
742 }
743 
744 void qmp_fd_vsend_raw(int fd, const char *fmt, va_list ap)
745 {
746     bool log = getenv("QTEST_LOG") != NULL;
747     char *str = g_strdup_vprintf(fmt, ap);
748 
749     if (log) {
750         fprintf(stderr, "%s", str);
751     }
752     socket_send(fd, str, strlen(str));
753     g_free(str);
754 }
755 
756 void qmp_fd_send_raw(int fd, const char *fmt, ...)
757 {
758     va_list ap;
759 
760     va_start(ap, fmt);
761     qmp_fd_vsend_raw(fd, fmt, ap);
762     va_end(ap);
763 }
764 
765 void qtest_qmp_send_raw(QTestState *s, const char *fmt, ...)
766 {
767     va_list ap;
768 
769     va_start(ap, fmt);
770     qmp_fd_vsend_raw(s->qmp_fd, fmt, ap);
771     va_end(ap);
772 }
773 
774 QDict *qtest_qmp_eventwait_ref(QTestState *s, const char *event)
775 {
776     QDict *response;
777 
778     for (;;) {
779         response = qtest_qmp_receive(s);
780         if ((qdict_haskey(response, "event")) &&
781             (strcmp(qdict_get_str(response, "event"), event) == 0)) {
782             return response;
783         }
784         qobject_unref(response);
785     }
786 }
787 
788 void qtest_qmp_eventwait(QTestState *s, const char *event)
789 {
790     QDict *response;
791 
792     response = qtest_qmp_eventwait_ref(s, event);
793     qobject_unref(response);
794 }
795 
796 char *qtest_vhmp(QTestState *s, const char *fmt, va_list ap)
797 {
798     char *cmd;
799     QDict *resp;
800     char *ret;
801 
802     cmd = g_strdup_vprintf(fmt, ap);
803     resp = qtest_qmp(s, "{'execute': 'human-monitor-command',"
804                      " 'arguments': {'command-line': %s}}",
805                      cmd);
806     ret = g_strdup(qdict_get_try_str(resp, "return"));
807     while (ret == NULL && qdict_get_try_str(resp, "event")) {
808         /* Ignore asynchronous QMP events */
809         qobject_unref(resp);
810         resp = qtest_qmp_receive(s);
811         ret = g_strdup(qdict_get_try_str(resp, "return"));
812     }
813     g_assert(ret);
814     qobject_unref(resp);
815     g_free(cmd);
816     return ret;
817 }
818 
819 char *qtest_hmp(QTestState *s, const char *fmt, ...)
820 {
821     va_list ap;
822     char *ret;
823 
824     va_start(ap, fmt);
825     ret = qtest_vhmp(s, fmt, ap);
826     va_end(ap);
827     return ret;
828 }
829 
830 const char *qtest_get_arch(void)
831 {
832     const char *qemu = qtest_qemu_binary();
833     const char *end = strrchr(qemu, '/');
834 
835     return end + strlen("/qemu-system-");
836 }
837 
838 bool qtest_get_irq(QTestState *s, int num)
839 {
840     /* dummy operation in order to make sure irq is up to date */
841     qtest_inb(s, 0);
842 
843     return s->irq_level[num];
844 }
845 
846 void qtest_module_load(QTestState *s, const char *prefix, const char *libname)
847 {
848     qtest_sendf(s, "module_load %s %s\n", prefix, libname);
849     qtest_rsp(s, 0);
850 }
851 
852 static int64_t qtest_clock_rsp(QTestState *s)
853 {
854     gchar **words;
855     int64_t clock;
856     words = qtest_rsp(s, 2);
857     clock = g_ascii_strtoll(words[1], NULL, 0);
858     g_strfreev(words);
859     return clock;
860 }
861 
862 int64_t qtest_clock_step_next(QTestState *s)
863 {
864     qtest_sendf(s, "clock_step\n");
865     return qtest_clock_rsp(s);
866 }
867 
868 int64_t qtest_clock_step(QTestState *s, int64_t step)
869 {
870     qtest_sendf(s, "clock_step %"PRIi64"\n", step);
871     return qtest_clock_rsp(s);
872 }
873 
874 int64_t qtest_clock_set(QTestState *s, int64_t val)
875 {
876     qtest_sendf(s, "clock_set %"PRIi64"\n", val);
877     return qtest_clock_rsp(s);
878 }
879 
880 void qtest_irq_intercept_out(QTestState *s, const char *qom_path)
881 {
882     qtest_sendf(s, "irq_intercept_out %s\n", qom_path);
883     qtest_rsp(s, 0);
884 }
885 
886 void qtest_irq_intercept_in(QTestState *s, const char *qom_path)
887 {
888     qtest_sendf(s, "irq_intercept_in %s\n", qom_path);
889     qtest_rsp(s, 0);
890 }
891 
892 void qtest_set_irq_in(QTestState *s, const char *qom_path, const char *name,
893                       int num, int level)
894 {
895     if (!name) {
896         name = "unnamed-gpio-in";
897     }
898     qtest_sendf(s, "set_irq_in %s %s %d %d\n", qom_path, name, num, level);
899     qtest_rsp(s, 0);
900 }
901 
902 static void qtest_out(QTestState *s, const char *cmd, uint16_t addr, uint32_t value)
903 {
904     qtest_sendf(s, "%s 0x%x 0x%x\n", cmd, addr, value);
905     qtest_rsp(s, 0);
906 }
907 
908 void qtest_outb(QTestState *s, uint16_t addr, uint8_t value)
909 {
910     qtest_out(s, "outb", addr, value);
911 }
912 
913 void qtest_outw(QTestState *s, uint16_t addr, uint16_t value)
914 {
915     qtest_out(s, "outw", addr, value);
916 }
917 
918 void qtest_outl(QTestState *s, uint16_t addr, uint32_t value)
919 {
920     qtest_out(s, "outl", addr, value);
921 }
922 
923 static uint32_t qtest_in(QTestState *s, const char *cmd, uint16_t addr)
924 {
925     gchar **args;
926     int ret;
927     unsigned long value;
928 
929     qtest_sendf(s, "%s 0x%x\n", cmd, addr);
930     args = qtest_rsp(s, 2);
931     ret = qemu_strtoul(args[1], NULL, 0, &value);
932     g_assert(!ret && value <= UINT32_MAX);
933     g_strfreev(args);
934 
935     return value;
936 }
937 
938 uint8_t qtest_inb(QTestState *s, uint16_t addr)
939 {
940     return qtest_in(s, "inb", addr);
941 }
942 
943 uint16_t qtest_inw(QTestState *s, uint16_t addr)
944 {
945     return qtest_in(s, "inw", addr);
946 }
947 
948 uint32_t qtest_inl(QTestState *s, uint16_t addr)
949 {
950     return qtest_in(s, "inl", addr);
951 }
952 
953 static void qtest_write(QTestState *s, const char *cmd, uint64_t addr,
954                         uint64_t value)
955 {
956     qtest_sendf(s, "%s 0x%" PRIx64 " 0x%" PRIx64 "\n", cmd, addr, value);
957     qtest_rsp(s, 0);
958 }
959 
960 void qtest_writeb(QTestState *s, uint64_t addr, uint8_t value)
961 {
962     qtest_write(s, "writeb", addr, value);
963 }
964 
965 void qtest_writew(QTestState *s, uint64_t addr, uint16_t value)
966 {
967     qtest_write(s, "writew", addr, value);
968 }
969 
970 void qtest_writel(QTestState *s, uint64_t addr, uint32_t value)
971 {
972     qtest_write(s, "writel", addr, value);
973 }
974 
975 void qtest_writeq(QTestState *s, uint64_t addr, uint64_t value)
976 {
977     qtest_write(s, "writeq", addr, value);
978 }
979 
980 static uint64_t qtest_read(QTestState *s, const char *cmd, uint64_t addr)
981 {
982     gchar **args;
983     int ret;
984     uint64_t value;
985 
986     qtest_sendf(s, "%s 0x%" PRIx64 "\n", cmd, addr);
987     args = qtest_rsp(s, 2);
988     ret = qemu_strtou64(args[1], NULL, 0, &value);
989     g_assert(!ret);
990     g_strfreev(args);
991 
992     return value;
993 }
994 
995 uint8_t qtest_readb(QTestState *s, uint64_t addr)
996 {
997     return qtest_read(s, "readb", addr);
998 }
999 
1000 uint16_t qtest_readw(QTestState *s, uint64_t addr)
1001 {
1002     return qtest_read(s, "readw", addr);
1003 }
1004 
1005 uint32_t qtest_readl(QTestState *s, uint64_t addr)
1006 {
1007     return qtest_read(s, "readl", addr);
1008 }
1009 
1010 uint64_t qtest_readq(QTestState *s, uint64_t addr)
1011 {
1012     return qtest_read(s, "readq", addr);
1013 }
1014 
1015 static int hex2nib(char ch)
1016 {
1017     if (ch >= '0' && ch <= '9') {
1018         return ch - '0';
1019     } else if (ch >= 'a' && ch <= 'f') {
1020         return 10 + (ch - 'a');
1021     } else if (ch >= 'A' && ch <= 'F') {
1022         return 10 + (ch - 'a');
1023     } else {
1024         return -1;
1025     }
1026 }
1027 
1028 void qtest_memread(QTestState *s, uint64_t addr, void *data, size_t size)
1029 {
1030     uint8_t *ptr = data;
1031     gchar **args;
1032     size_t i;
1033 
1034     if (!size) {
1035         return;
1036     }
1037 
1038     qtest_sendf(s, "read 0x%" PRIx64 " 0x%zx\n", addr, size);
1039     args = qtest_rsp(s, 2);
1040 
1041     for (i = 0; i < size; i++) {
1042         ptr[i] = hex2nib(args[1][2 + (i * 2)]) << 4;
1043         ptr[i] |= hex2nib(args[1][2 + (i * 2) + 1]);
1044     }
1045 
1046     g_strfreev(args);
1047 }
1048 
1049 uint64_t qtest_rtas_call(QTestState *s, const char *name,
1050                          uint32_t nargs, uint64_t args,
1051                          uint32_t nret, uint64_t ret)
1052 {
1053     qtest_sendf(s, "rtas %s %u 0x%"PRIx64" %u 0x%"PRIx64"\n",
1054                 name, nargs, args, nret, ret);
1055     qtest_rsp(s, 0);
1056     return 0;
1057 }
1058 
1059 void qtest_add_func(const char *str, void (*fn)(void))
1060 {
1061     gchar *path = g_strdup_printf("/%s/%s", qtest_get_arch(), str);
1062     g_test_add_func(path, fn);
1063     g_free(path);
1064 }
1065 
1066 void qtest_add_data_func_full(const char *str, void *data,
1067                               void (*fn)(const void *),
1068                               GDestroyNotify data_free_func)
1069 {
1070     gchar *path = g_strdup_printf("/%s/%s", qtest_get_arch(), str);
1071     g_test_add_data_func_full(path, data, fn, data_free_func);
1072     g_free(path);
1073 }
1074 
1075 void qtest_add_data_func(const char *str, const void *data,
1076                          void (*fn)(const void *))
1077 {
1078     gchar *path = g_strdup_printf("/%s/%s", qtest_get_arch(), str);
1079     g_test_add_data_func(path, data, fn);
1080     g_free(path);
1081 }
1082 
1083 void qtest_bufwrite(QTestState *s, uint64_t addr, const void *data, size_t size)
1084 {
1085     gchar *bdata;
1086 
1087     bdata = g_base64_encode(data, size);
1088     qtest_sendf(s, "b64write 0x%" PRIx64 " 0x%zx ", addr, size);
1089     s->ops.send(s, bdata);
1090     s->ops.send(s, "\n");
1091     qtest_rsp(s, 0);
1092     g_free(bdata);
1093 }
1094 
1095 void qtest_bufread(QTestState *s, uint64_t addr, void *data, size_t size)
1096 {
1097     gchar **args;
1098     size_t len;
1099 
1100     qtest_sendf(s, "b64read 0x%" PRIx64 " 0x%zx\n", addr, size);
1101     args = qtest_rsp(s, 2);
1102 
1103     g_base64_decode_inplace(args[1], &len);
1104     if (size != len) {
1105         fprintf(stderr, "bufread: asked for %zu bytes but decoded %zu\n",
1106                 size, len);
1107         len = MIN(len, size);
1108     }
1109 
1110     memcpy(data, args[1], len);
1111     g_strfreev(args);
1112 }
1113 
1114 void qtest_memwrite(QTestState *s, uint64_t addr, const void *data, size_t size)
1115 {
1116     const uint8_t *ptr = data;
1117     size_t i;
1118     char *enc;
1119 
1120     if (!size) {
1121         return;
1122     }
1123 
1124     enc = g_malloc(2 * size + 1);
1125 
1126     for (i = 0; i < size; i++) {
1127         sprintf(&enc[i * 2], "%02x", ptr[i]);
1128     }
1129 
1130     qtest_sendf(s, "write 0x%" PRIx64 " 0x%zx 0x%s\n", addr, size, enc);
1131     qtest_rsp(s, 0);
1132     g_free(enc);
1133 }
1134 
1135 void qtest_memset(QTestState *s, uint64_t addr, uint8_t pattern, size_t size)
1136 {
1137     qtest_sendf(s, "memset 0x%" PRIx64 " 0x%zx 0x%02x\n", addr, size, pattern);
1138     qtest_rsp(s, 0);
1139 }
1140 
1141 void qtest_qmp_assert_success(QTestState *qts, const char *fmt, ...)
1142 {
1143     va_list ap;
1144     QDict *response;
1145 
1146     va_start(ap, fmt);
1147     response = qtest_vqmp(qts, fmt, ap);
1148     va_end(ap);
1149 
1150     g_assert(response);
1151     if (!qdict_haskey(response, "return")) {
1152         QString *s = qobject_to_json_pretty(QOBJECT(response));
1153         g_test_message("%s", qstring_get_str(s));
1154         qobject_unref(s);
1155     }
1156     g_assert(qdict_haskey(response, "return"));
1157     qobject_unref(response);
1158 }
1159 
1160 bool qtest_big_endian(QTestState *s)
1161 {
1162     return s->big_endian;
1163 }
1164 
1165 static bool qtest_check_machine_version(const char *mname, const char *basename,
1166                                         int major, int minor)
1167 {
1168     char *newname;
1169     bool is_equal;
1170 
1171     newname = g_strdup_printf("%s-%i.%i", basename, major, minor);
1172     is_equal = g_str_equal(mname, newname);
1173     g_free(newname);
1174 
1175     return is_equal;
1176 }
1177 
1178 static bool qtest_is_old_versioned_machine(const char *mname)
1179 {
1180     const char *dash = strrchr(mname, '-');
1181     const char *dot = strrchr(mname, '.');
1182     const char *chr;
1183     char *bname;
1184     const int major = QEMU_VERSION_MAJOR;
1185     const int minor = QEMU_VERSION_MINOR;
1186     bool res = false;
1187 
1188     if (dash && dot && dot > dash) {
1189         for (chr = dash + 1; *chr; chr++) {
1190             if (!qemu_isdigit(*chr) && *chr != '.') {
1191                 return false;
1192             }
1193         }
1194         /*
1195          * Now check if it is one of the latest versions. Check major + 1
1196          * and minor + 1 versions as well, since they might already exist
1197          * in the development branch.
1198          */
1199         bname = g_strdup(mname);
1200         bname[dash - mname] = 0;
1201         res = !qtest_check_machine_version(mname, bname, major + 1, 0) &&
1202               !qtest_check_machine_version(mname, bname, major, minor + 1) &&
1203               !qtest_check_machine_version(mname, bname, major, minor);
1204         g_free(bname);
1205     }
1206 
1207     return res;
1208 }
1209 
1210 void qtest_cb_for_every_machine(void (*cb)(const char *machine),
1211                                 bool skip_old_versioned)
1212 {
1213     QDict *response, *minfo;
1214     QList *list;
1215     const QListEntry *p;
1216     QObject *qobj;
1217     QString *qstr;
1218     const char *mname;
1219     QTestState *qts;
1220 
1221     qts = qtest_init("-machine none");
1222     response = qtest_qmp(qts, "{ 'execute': 'query-machines' }");
1223     g_assert(response);
1224     list = qdict_get_qlist(response, "return");
1225     g_assert(list);
1226 
1227     for (p = qlist_first(list); p; p = qlist_next(p)) {
1228         minfo = qobject_to(QDict, qlist_entry_obj(p));
1229         g_assert(minfo);
1230         qobj = qdict_get(minfo, "name");
1231         g_assert(qobj);
1232         qstr = qobject_to(QString, qobj);
1233         g_assert(qstr);
1234         mname = qstring_get_str(qstr);
1235         /* Ignore machines that cannot be used for qtests */
1236         if (!memcmp("xenfv", mname, 5) || g_str_equal("xenpv", mname)) {
1237             continue;
1238         }
1239         if (!skip_old_versioned || !qtest_is_old_versioned_machine(mname)) {
1240             cb(mname);
1241         }
1242     }
1243 
1244     qtest_quit(qts);
1245     qobject_unref(response);
1246 }
1247 
1248 QDict *qtest_qmp_receive_success(QTestState *s,
1249                                  void (*event_cb)(void *opaque,
1250                                                   const char *event,
1251                                                   QDict *data),
1252                                  void *opaque)
1253 {
1254     QDict *response, *ret, *data;
1255     const char *event;
1256 
1257     for (;;) {
1258         response = qtest_qmp_receive(s);
1259         g_assert(!qdict_haskey(response, "error"));
1260         ret = qdict_get_qdict(response, "return");
1261         if (ret) {
1262             break;
1263         }
1264         event = qdict_get_str(response, "event");
1265         data = qdict_get_qdict(response, "data");
1266         if (event_cb) {
1267             event_cb(opaque, event, data);
1268         }
1269         qobject_unref(response);
1270     }
1271 
1272     qobject_ref(ret);
1273     qobject_unref(response);
1274     return ret;
1275 }
1276 
1277 /*
1278  * Generic hot-plugging test via the device_add QMP commands.
1279  */
1280 void qtest_qmp_device_add_qdict(QTestState *qts, const char *drv,
1281                                 const QDict *arguments)
1282 {
1283     QDict *resp;
1284     QDict *args = arguments ? qdict_clone_shallow(arguments) : qdict_new();
1285 
1286     g_assert(!qdict_haskey(args, "driver"));
1287     qdict_put_str(args, "driver", drv);
1288     resp = qtest_qmp(qts, "{'execute': 'device_add', 'arguments': %p}", args);
1289     g_assert(resp);
1290     g_assert(!qdict_haskey(resp, "event")); /* We don't expect any events */
1291     g_assert(!qdict_haskey(resp, "error"));
1292     qobject_unref(resp);
1293 }
1294 
1295 void qtest_qmp_device_add(QTestState *qts, const char *driver, const char *id,
1296                           const char *fmt, ...)
1297 {
1298     QDict *args;
1299     va_list ap;
1300 
1301     va_start(ap, fmt);
1302     args = qdict_from_vjsonf_nofail(fmt, ap);
1303     va_end(ap);
1304 
1305     g_assert(!qdict_haskey(args, "id"));
1306     qdict_put_str(args, "id", id);
1307 
1308     qtest_qmp_device_add_qdict(qts, driver, args);
1309     qobject_unref(args);
1310 }
1311 
1312 static void device_deleted_cb(void *opaque, const char *name, QDict *data)
1313 {
1314     bool *got_event = opaque;
1315 
1316     g_assert_cmpstr(name, ==, "DEVICE_DELETED");
1317     *got_event = true;
1318 }
1319 
1320 /*
1321  * Generic hot-unplugging test via the device_del QMP command.
1322  * Device deletion will get one response and one event. For example:
1323  *
1324  * {'execute': 'device_del','arguments': { 'id': 'scsi-hd'}}
1325  *
1326  * will get this one:
1327  *
1328  * {"timestamp": {"seconds": 1505289667, "microseconds": 569862},
1329  *  "event": "DEVICE_DELETED", "data": {"device": "scsi-hd",
1330  *  "path": "/machine/peripheral/scsi-hd"}}
1331  *
1332  * and this one:
1333  *
1334  * {"return": {}}
1335  *
1336  * But the order of arrival may vary - so we've got to detect both.
1337  */
1338 void qtest_qmp_device_del(QTestState *qts, const char *id)
1339 {
1340     bool got_event = false;
1341     QDict *rsp;
1342 
1343     qtest_qmp_send(qts, "{'execute': 'device_del', 'arguments': {'id': %s}}",
1344                    id);
1345     rsp = qtest_qmp_receive_success(qts, device_deleted_cb, &got_event);
1346     qobject_unref(rsp);
1347     if (!got_event) {
1348         rsp = qtest_qmp_receive(qts);
1349         g_assert_cmpstr(qdict_get_try_str(rsp, "event"),
1350                         ==, "DEVICE_DELETED");
1351         qobject_unref(rsp);
1352     }
1353 }
1354 
1355 bool qmp_rsp_is_err(QDict *rsp)
1356 {
1357     QDict *error = qdict_get_qdict(rsp, "error");
1358     qobject_unref(rsp);
1359     return !!error;
1360 }
1361 
1362 void qmp_expect_error_and_unref(QDict *rsp, const char *class)
1363 {
1364     QDict *error = qdict_get_qdict(rsp, "error");
1365 
1366     g_assert_cmpstr(qdict_get_try_str(error, "class"), ==, class);
1367     g_assert_nonnull(qdict_get_try_str(error, "desc"));
1368     g_assert(!qdict_haskey(rsp, "return"));
1369 
1370     qobject_unref(rsp);
1371 }
1372 
1373 static void qtest_client_set_tx_handler(QTestState *s,
1374                     QTestSendFn send)
1375 {
1376     s->ops.send = send;
1377 }
1378 static void qtest_client_set_rx_handler(QTestState *s, QTestRecvFn recv)
1379 {
1380     s->ops.recv_line = recv;
1381 }
1382 /* A type-safe wrapper for s->send() */
1383 static void send_wrapper(QTestState *s, const char *buf)
1384 {
1385     s->ops.external_send(s, buf);
1386 }
1387 
1388 static GString *qtest_client_inproc_recv_line(QTestState *s)
1389 {
1390     GString *line;
1391     size_t offset;
1392     char *eol;
1393 
1394     eol = strchr(s->rx->str, '\n');
1395     offset = eol - s->rx->str;
1396     line = g_string_new_len(s->rx->str, offset);
1397     g_string_erase(s->rx, 0, offset + 1);
1398     return line;
1399 }
1400 
1401 QTestState *qtest_inproc_init(QTestState **s, bool log, const char* arch,
1402                     void (*send)(void*, const char*))
1403 {
1404     QTestState *qts;
1405     qts = g_new0(QTestState, 1);
1406     *s = qts; /* Expose qts early on, since the query endianness relies on it */
1407     qts->wstatus = 0;
1408     for (int i = 0; i < MAX_IRQ; i++) {
1409         qts->irq_level[i] = false;
1410     }
1411 
1412     qtest_client_set_rx_handler(qts, qtest_client_inproc_recv_line);
1413 
1414     /* send() may not have a matching protoype, so use a type-safe wrapper */
1415     qts->ops.external_send = send;
1416     qtest_client_set_tx_handler(qts, send_wrapper);
1417 
1418     qts->big_endian = qtest_query_target_endianness(qts);
1419 
1420     /*
1421      * Set a dummy path for QTEST_QEMU_BINARY. Doesn't need to exist, but this
1422      * way, qtest_get_arch works for inproc qtest.
1423      */
1424     gchar *bin_path = g_strconcat("/qemu-system-", arch, NULL);
1425     setenv("QTEST_QEMU_BINARY", bin_path, 0);
1426     g_free(bin_path);
1427 
1428     return qts;
1429 }
1430 
1431 void qtest_client_inproc_recv(void *opaque, const char *str)
1432 {
1433     QTestState *qts = *(QTestState **)opaque;
1434 
1435     if (!qts->rx) {
1436         qts->rx = g_string_new(NULL);
1437     }
1438     g_string_append(qts->rx, str);
1439     return;
1440 }
1441