xref: /openbmc/qemu/tests/qtest/migration-test.c (revision 0d177cdd2ba402f7f0aee301e56037311c7a8781)
1 /*
2  * QTest testcase for migration
3  *
4  * Copyright (c) 2016-2018 Red Hat, Inc. and/or its affiliates
5  *   based on the vhost-user-test.c that is:
6  *      Copyright (c) 2014 Virtual Open Systems Sarl.
7  *
8  * This work is licensed under the terms of the GNU GPL, version 2 or later.
9  * See the COPYING file in the top-level directory.
10  *
11  */
12 
13 #include "qemu/osdep.h"
14 
15 #include "libqtest.h"
16 #include "qapi/error.h"
17 #include "qapi/qmp/qdict.h"
18 #include "qemu/module.h"
19 #include "qemu/option.h"
20 #include "qemu/range.h"
21 #include "qemu/sockets.h"
22 #include "chardev/char.h"
23 #include "qapi/qapi-visit-sockets.h"
24 #include "qapi/qobject-input-visitor.h"
25 #include "qapi/qobject-output-visitor.h"
26 #include "crypto/tlscredspsk.h"
27 #include "qapi/qmp/qlist.h"
28 
29 #include "migration-helpers.h"
30 #include "tests/migration/migration-test.h"
31 #ifdef CONFIG_GNUTLS
32 # include "tests/unit/crypto-tls-psk-helpers.h"
33 # ifdef CONFIG_TASN1
34 #  include "tests/unit/crypto-tls-x509-helpers.h"
35 # endif /* CONFIG_TASN1 */
36 #endif /* CONFIG_GNUTLS */
37 
38 /* For dirty ring test; so far only x86_64 is supported */
39 #if defined(__linux__) && defined(HOST_X86_64)
40 #include "linux/kvm.h"
41 #endif
42 
43 unsigned start_address;
44 unsigned end_address;
45 static bool uffd_feature_thread_id;
46 static bool got_src_stop;
47 static bool got_dst_resume;
48 
49 /*
50  * An initial 3 MB offset is used as that corresponds
51  * to ~1 sec of data transfer with our bandwidth setting.
52  */
53 #define MAGIC_OFFSET_BASE (3 * 1024 * 1024)
54 /*
55  * A further 1k is added to ensure we're not a multiple
56  * of TEST_MEM_PAGE_SIZE, thus avoid clash with writes
57  * from the migration guest workload.
58  */
59 #define MAGIC_OFFSET_SHUFFLE 1024
60 #define MAGIC_OFFSET (MAGIC_OFFSET_BASE + MAGIC_OFFSET_SHUFFLE)
61 #define MAGIC_MARKER 0xFEED12345678CAFEULL
62 
63 /*
64  * Dirtylimit stop working if dirty page rate error
65  * value less than DIRTYLIMIT_TOLERANCE_RANGE
66  */
67 #define DIRTYLIMIT_TOLERANCE_RANGE  25  /* MB/s */
68 
69 #define ANALYZE_SCRIPT "scripts/analyze-migration.py"
70 
71 #define QEMU_VM_FILE_MAGIC 0x5145564d
72 #define FILE_TEST_FILENAME "migfile"
73 #define FILE_TEST_OFFSET 0x1000
74 
75 #if defined(__linux__)
76 #include <sys/syscall.h>
77 #include <sys/vfs.h>
78 #endif
79 
80 #if defined(__linux__) && defined(__NR_userfaultfd) && defined(CONFIG_EVENTFD)
81 #include <sys/eventfd.h>
82 #include <sys/ioctl.h>
83 #include "qemu/userfaultfd.h"
84 
85 static bool ufd_version_check(void)
86 {
87     struct uffdio_api api_struct;
88     uint64_t ioctl_mask;
89 
90     int ufd = uffd_open(O_CLOEXEC);
91 
92     if (ufd == -1) {
93         g_test_message("Skipping test: userfaultfd not available");
94         return false;
95     }
96 
97     api_struct.api = UFFD_API;
98     api_struct.features = 0;
99     if (ioctl(ufd, UFFDIO_API, &api_struct)) {
100         g_test_message("Skipping test: UFFDIO_API failed");
101         return false;
102     }
103     uffd_feature_thread_id = api_struct.features & UFFD_FEATURE_THREAD_ID;
104 
105     ioctl_mask = (__u64)1 << _UFFDIO_REGISTER |
106                  (__u64)1 << _UFFDIO_UNREGISTER;
107     if ((api_struct.ioctls & ioctl_mask) != ioctl_mask) {
108         g_test_message("Skipping test: Missing userfault feature");
109         return false;
110     }
111 
112     return true;
113 }
114 
115 #else
116 static bool ufd_version_check(void)
117 {
118     g_test_message("Skipping test: Userfault not available (builtdtime)");
119     return false;
120 }
121 
122 #endif
123 
124 static char *tmpfs;
125 static char *bootpath;
126 
127 /* The boot file modifies memory area in [start_address, end_address)
128  * repeatedly. It outputs a 'B' at a fixed rate while it's still running.
129  */
130 #include "tests/migration/i386/a-b-bootblock.h"
131 #include "tests/migration/aarch64/a-b-kernel.h"
132 #include "tests/migration/s390x/a-b-bios.h"
133 
134 static void bootfile_create(char *dir)
135 {
136     const char *arch = qtest_get_arch();
137     unsigned char *content;
138     size_t len;
139 
140     bootpath = g_strdup_printf("%s/bootsect", dir);
141     if (strcmp(arch, "i386") == 0 || strcmp(arch, "x86_64") == 0) {
142         /* the assembled x86 boot sector should be exactly one sector large */
143         g_assert(sizeof(x86_bootsect) == 512);
144         content = x86_bootsect;
145         len = sizeof(x86_bootsect);
146     } else if (g_str_equal(arch, "s390x")) {
147         content = s390x_elf;
148         len = sizeof(s390x_elf);
149     } else if (strcmp(arch, "ppc64") == 0) {
150         /*
151          * sane architectures can be programmed at the boot prompt
152          */
153         return;
154     } else if (strcmp(arch, "aarch64") == 0) {
155         content = aarch64_kernel;
156         len = sizeof(aarch64_kernel);
157         g_assert(sizeof(aarch64_kernel) <= ARM_TEST_MAX_KERNEL_SIZE);
158     } else {
159         g_assert_not_reached();
160     }
161 
162     FILE *bootfile = fopen(bootpath, "wb");
163 
164     g_assert_cmpint(fwrite(content, len, 1, bootfile), ==, 1);
165     fclose(bootfile);
166 }
167 
168 static void bootfile_delete(void)
169 {
170     unlink(bootpath);
171     g_free(bootpath);
172     bootpath = NULL;
173 }
174 
175 /*
176  * Wait for some output in the serial output file,
177  * we get an 'A' followed by an endless string of 'B's
178  * but on the destination we won't have the A.
179  */
180 static void wait_for_serial(const char *side)
181 {
182     g_autofree char *serialpath = g_strdup_printf("%s/%s", tmpfs, side);
183     FILE *serialfile = fopen(serialpath, "r");
184     const char *arch = qtest_get_arch();
185     int started = (strcmp(side, "src_serial") == 0 &&
186                    strcmp(arch, "ppc64") == 0) ? 0 : 1;
187 
188     do {
189         int readvalue = fgetc(serialfile);
190 
191         if (!started) {
192             /* SLOF prints its banner before starting test,
193              * to ignore it, mark the start of the test with '_',
194              * ignore all characters until this marker
195              */
196             switch (readvalue) {
197             case '_':
198                 started = 1;
199                 break;
200             case EOF:
201                 fseek(serialfile, 0, SEEK_SET);
202                 usleep(1000);
203                 break;
204             }
205             continue;
206         }
207         switch (readvalue) {
208         case 'A':
209             /* Fine */
210             break;
211 
212         case 'B':
213             /* It's alive! */
214             fclose(serialfile);
215             return;
216 
217         case EOF:
218             started = (strcmp(side, "src_serial") == 0 &&
219                        strcmp(arch, "ppc64") == 0) ? 0 : 1;
220             fseek(serialfile, 0, SEEK_SET);
221             usleep(1000);
222             break;
223 
224         default:
225             fprintf(stderr, "Unexpected %d on %s serial\n", readvalue, side);
226             g_assert_not_reached();
227         }
228     } while (true);
229 }
230 
231 /*
232  * It's tricky to use qemu's migration event capability with qtest,
233  * events suddenly appearing confuse the qmp()/hmp() responses.
234  */
235 
236 static int64_t read_ram_property_int(QTestState *who, const char *property)
237 {
238     QDict *rsp_return, *rsp_ram;
239     int64_t result;
240 
241     rsp_return = migrate_query_not_failed(who);
242     if (!qdict_haskey(rsp_return, "ram")) {
243         /* Still in setup */
244         result = 0;
245     } else {
246         rsp_ram = qdict_get_qdict(rsp_return, "ram");
247         result = qdict_get_try_int(rsp_ram, property, 0);
248     }
249     qobject_unref(rsp_return);
250     return result;
251 }
252 
253 static int64_t read_migrate_property_int(QTestState *who, const char *property)
254 {
255     QDict *rsp_return;
256     int64_t result;
257 
258     rsp_return = migrate_query_not_failed(who);
259     result = qdict_get_try_int(rsp_return, property, 0);
260     qobject_unref(rsp_return);
261     return result;
262 }
263 
264 static uint64_t get_migration_pass(QTestState *who)
265 {
266     return read_ram_property_int(who, "dirty-sync-count");
267 }
268 
269 static void read_blocktime(QTestState *who)
270 {
271     QDict *rsp_return;
272 
273     rsp_return = migrate_query_not_failed(who);
274     g_assert(qdict_haskey(rsp_return, "postcopy-blocktime"));
275     qobject_unref(rsp_return);
276 }
277 
278 static void wait_for_migration_pass(QTestState *who)
279 {
280     uint64_t initial_pass = get_migration_pass(who);
281     uint64_t pass;
282 
283     /* Wait for the 1st sync */
284     while (!got_src_stop && !initial_pass) {
285         usleep(1000);
286         initial_pass = get_migration_pass(who);
287     }
288 
289     do {
290         usleep(1000);
291         pass = get_migration_pass(who);
292     } while (pass == initial_pass && !got_src_stop);
293 }
294 
295 static void check_guests_ram(QTestState *who)
296 {
297     /* Our ASM test will have been incrementing one byte from each page from
298      * start_address to < end_address in order. This gives us a constraint
299      * that any page's byte should be equal or less than the previous pages
300      * byte (mod 256); and they should all be equal except for one transition
301      * at the point where we meet the incrementer. (We're running this with
302      * the guest stopped).
303      */
304     unsigned address;
305     uint8_t first_byte;
306     uint8_t last_byte;
307     bool hit_edge = false;
308     int bad = 0;
309 
310     qtest_memread(who, start_address, &first_byte, 1);
311     last_byte = first_byte;
312 
313     for (address = start_address + TEST_MEM_PAGE_SIZE; address < end_address;
314          address += TEST_MEM_PAGE_SIZE)
315     {
316         uint8_t b;
317         qtest_memread(who, address, &b, 1);
318         if (b != last_byte) {
319             if (((b + 1) % 256) == last_byte && !hit_edge) {
320                 /* This is OK, the guest stopped at the point of
321                  * incrementing the previous page but didn't get
322                  * to us yet.
323                  */
324                 hit_edge = true;
325                 last_byte = b;
326             } else {
327                 bad++;
328                 if (bad <= 10) {
329                     fprintf(stderr, "Memory content inconsistency at %x"
330                             " first_byte = %x last_byte = %x current = %x"
331                             " hit_edge = %x\n",
332                             address, first_byte, last_byte, b, hit_edge);
333                 }
334             }
335         }
336     }
337     if (bad >= 10) {
338         fprintf(stderr, "and in another %d pages", bad - 10);
339     }
340     g_assert(bad == 0);
341 }
342 
343 static void cleanup(const char *filename)
344 {
345     g_autofree char *path = g_strdup_printf("%s/%s", tmpfs, filename);
346 
347     unlink(path);
348 }
349 
350 static char *SocketAddress_to_str(SocketAddress *addr)
351 {
352     switch (addr->type) {
353     case SOCKET_ADDRESS_TYPE_INET:
354         return g_strdup_printf("tcp:%s:%s",
355                                addr->u.inet.host,
356                                addr->u.inet.port);
357     case SOCKET_ADDRESS_TYPE_UNIX:
358         return g_strdup_printf("unix:%s",
359                                addr->u.q_unix.path);
360     case SOCKET_ADDRESS_TYPE_FD:
361         return g_strdup_printf("fd:%s", addr->u.fd.str);
362     case SOCKET_ADDRESS_TYPE_VSOCK:
363         return g_strdup_printf("tcp:%s:%s",
364                                addr->u.vsock.cid,
365                                addr->u.vsock.port);
366     default:
367         return g_strdup("unknown address type");
368     }
369 }
370 
371 static char *migrate_get_socket_address(QTestState *who, const char *parameter)
372 {
373     QDict *rsp;
374     char *result;
375     SocketAddressList *addrs;
376     Visitor *iv = NULL;
377     QObject *object;
378 
379     rsp = migrate_query(who);
380     object = qdict_get(rsp, parameter);
381 
382     iv = qobject_input_visitor_new(object);
383     visit_type_SocketAddressList(iv, NULL, &addrs, &error_abort);
384     visit_free(iv);
385 
386     /* we are only using a single address */
387     result = SocketAddress_to_str(addrs->value);
388 
389     qapi_free_SocketAddressList(addrs);
390     qobject_unref(rsp);
391     return result;
392 }
393 
394 static long long migrate_get_parameter_int(QTestState *who,
395                                            const char *parameter)
396 {
397     QDict *rsp;
398     long long result;
399 
400     rsp = qtest_qmp_assert_success_ref(
401         who, "{ 'execute': 'query-migrate-parameters' }");
402     result = qdict_get_int(rsp, parameter);
403     qobject_unref(rsp);
404     return result;
405 }
406 
407 static void migrate_check_parameter_int(QTestState *who, const char *parameter,
408                                         long long value)
409 {
410     long long result;
411 
412     result = migrate_get_parameter_int(who, parameter);
413     g_assert_cmpint(result, ==, value);
414 }
415 
416 static void migrate_set_parameter_int(QTestState *who, const char *parameter,
417                                       long long value)
418 {
419     qtest_qmp_assert_success(who,
420                              "{ 'execute': 'migrate-set-parameters',"
421                              "'arguments': { %s: %lld } }",
422                              parameter, value);
423     migrate_check_parameter_int(who, parameter, value);
424 }
425 
426 static char *migrate_get_parameter_str(QTestState *who,
427                                        const char *parameter)
428 {
429     QDict *rsp;
430     char *result;
431 
432     rsp = qtest_qmp_assert_success_ref(
433         who, "{ 'execute': 'query-migrate-parameters' }");
434     result = g_strdup(qdict_get_str(rsp, parameter));
435     qobject_unref(rsp);
436     return result;
437 }
438 
439 static void migrate_check_parameter_str(QTestState *who, const char *parameter,
440                                         const char *value)
441 {
442     g_autofree char *result = migrate_get_parameter_str(who, parameter);
443     g_assert_cmpstr(result, ==, value);
444 }
445 
446 static void migrate_set_parameter_str(QTestState *who, const char *parameter,
447                                       const char *value)
448 {
449     qtest_qmp_assert_success(who,
450                              "{ 'execute': 'migrate-set-parameters',"
451                              "'arguments': { %s: %s } }",
452                              parameter, value);
453     migrate_check_parameter_str(who, parameter, value);
454 }
455 
456 static long long migrate_get_parameter_bool(QTestState *who,
457                                            const char *parameter)
458 {
459     QDict *rsp;
460     int result;
461 
462     rsp = qtest_qmp_assert_success_ref(
463         who, "{ 'execute': 'query-migrate-parameters' }");
464     result = qdict_get_bool(rsp, parameter);
465     qobject_unref(rsp);
466     return !!result;
467 }
468 
469 static void migrate_check_parameter_bool(QTestState *who, const char *parameter,
470                                         int value)
471 {
472     int result;
473 
474     result = migrate_get_parameter_bool(who, parameter);
475     g_assert_cmpint(result, ==, value);
476 }
477 
478 static void migrate_set_parameter_bool(QTestState *who, const char *parameter,
479                                       int value)
480 {
481     qtest_qmp_assert_success(who,
482                              "{ 'execute': 'migrate-set-parameters',"
483                              "'arguments': { %s: %i } }",
484                              parameter, value);
485     migrate_check_parameter_bool(who, parameter, value);
486 }
487 
488 static void migrate_ensure_non_converge(QTestState *who)
489 {
490     /* Can't converge with 1ms downtime + 3 mbs bandwidth limit */
491     migrate_set_parameter_int(who, "max-bandwidth", 3 * 1000 * 1000);
492     migrate_set_parameter_int(who, "downtime-limit", 1);
493 }
494 
495 static void migrate_ensure_converge(QTestState *who)
496 {
497     /* Should converge with 30s downtime + 1 gbs bandwidth limit */
498     migrate_set_parameter_int(who, "max-bandwidth", 1 * 1000 * 1000 * 1000);
499     migrate_set_parameter_int(who, "downtime-limit", 30 * 1000);
500 }
501 
502 /*
503  * Our goal is to ensure that we run a single full migration
504  * iteration, and also dirty memory, ensuring that at least
505  * one further iteration is required.
506  *
507  * We can't directly synchronize with the start of a migration
508  * so we have to apply some tricks monitoring memory that is
509  * transferred.
510  *
511  * Initially we set the migration bandwidth to an insanely
512  * low value, with tiny max downtime too. This basically
513  * guarantees migration will never complete.
514  *
515  * This will result in a test that is unacceptably slow though,
516  * so we can't let the entire migration pass run at this speed.
517  * Our intent is to let it run just long enough that we can
518  * prove data prior to the marker has been transferred *AND*
519  * also prove this transferred data is dirty again.
520  *
521  * Before migration starts, we write a 64-bit magic marker
522  * into a fixed location in the src VM RAM.
523  *
524  * Then watch dst memory until the marker appears. This is
525  * proof that start_address -> MAGIC_OFFSET_BASE has been
526  * transferred.
527  *
528  * Finally we go back to the source and read a byte just
529  * before the marker until we see it flip in value. This
530  * is proof that start_address -> MAGIC_OFFSET_BASE
531  * is now dirty again.
532  *
533  * IOW, we're guaranteed at least a 2nd migration pass
534  * at this point.
535  *
536  * We can now let migration run at full speed to finish
537  * the test
538  */
539 static void migrate_prepare_for_dirty_mem(QTestState *from)
540 {
541     /*
542      * The guest workflow iterates from start_address to
543      * end_address, writing 1 byte every TEST_MEM_PAGE_SIZE
544      * bytes.
545      *
546      * IOW, if we write to mem at a point which is NOT
547      * a multiple of TEST_MEM_PAGE_SIZE, our write won't
548      * conflict with the migration workflow.
549      *
550      * We put in a marker here, that we'll use to determine
551      * when the data has been transferred to the dst.
552      */
553     qtest_writeq(from, start_address + MAGIC_OFFSET, MAGIC_MARKER);
554 }
555 
556 static void migrate_wait_for_dirty_mem(QTestState *from,
557                                        QTestState *to)
558 {
559     uint64_t watch_address = start_address + MAGIC_OFFSET_BASE;
560     uint64_t marker_address = start_address + MAGIC_OFFSET;
561     uint8_t watch_byte;
562 
563     /*
564      * Wait for the MAGIC_MARKER to get transferred, as an
565      * indicator that a migration pass has made some known
566      * amount of progress.
567      */
568     do {
569         usleep(1000 * 10);
570     } while (qtest_readq(to, marker_address) != MAGIC_MARKER);
571 
572     /*
573      * Now ensure that already transferred bytes are
574      * dirty again from the guest workload. Note the
575      * guest byte value will wrap around and by chance
576      * match the original watch_byte. This is harmless
577      * as we'll eventually see a different value if we
578      * keep watching
579      */
580     watch_byte = qtest_readb(from, watch_address);
581     do {
582         usleep(1000 * 10);
583     } while (qtest_readb(from, watch_address) == watch_byte);
584 }
585 
586 
587 static void migrate_pause(QTestState *who)
588 {
589     qtest_qmp_assert_success(who, "{ 'execute': 'migrate-pause' }");
590 }
591 
592 static void migrate_continue(QTestState *who, const char *state)
593 {
594     qtest_qmp_assert_success(who,
595                              "{ 'execute': 'migrate-continue',"
596                              "  'arguments': { 'state': %s } }",
597                              state);
598 }
599 
600 static void migrate_recover(QTestState *who, const char *uri)
601 {
602     qtest_qmp_assert_success(who,
603                              "{ 'execute': 'migrate-recover', "
604                              "  'id': 'recover-cmd', "
605                              "  'arguments': { 'uri': %s } }",
606                              uri);
607 }
608 
609 static void migrate_cancel(QTestState *who)
610 {
611     qtest_qmp_assert_success(who, "{ 'execute': 'migrate_cancel' }");
612 }
613 
614 static void migrate_postcopy_start(QTestState *from, QTestState *to)
615 {
616     qtest_qmp_assert_success(from, "{ 'execute': 'migrate-start-postcopy' }");
617 
618     if (!got_src_stop) {
619         qtest_qmp_eventwait(from, "STOP");
620     }
621 
622     qtest_qmp_eventwait(to, "RESUME");
623 }
624 
625 typedef struct {
626     /*
627      * QTEST_LOG=1 may override this.  When QTEST_LOG=1, we always dump errors
628      * unconditionally, because it means the user would like to be verbose.
629      */
630     bool hide_stderr;
631     bool use_shmem;
632     /* only launch the target process */
633     bool only_target;
634     /* Use dirty ring if true; dirty logging otherwise */
635     bool use_dirty_ring;
636     const char *opts_source;
637     const char *opts_target;
638 } MigrateStart;
639 
640 /*
641  * A hook that runs after the src and dst QEMUs have been
642  * created, but before the migration is started. This can
643  * be used to set migration parameters and capabilities.
644  *
645  * Returns: NULL, or a pointer to opaque state to be
646  *          later passed to the TestMigrateFinishHook
647  */
648 typedef void * (*TestMigrateStartHook)(QTestState *from,
649                                        QTestState *to);
650 
651 /*
652  * A hook that runs after the migration has finished,
653  * regardless of whether it succeeded or failed, but
654  * before QEMU has terminated (unless it self-terminated
655  * due to migration error)
656  *
657  * @opaque is a pointer to state previously returned
658  * by the TestMigrateStartHook if any, or NULL.
659  */
660 typedef void (*TestMigrateFinishHook)(QTestState *from,
661                                       QTestState *to,
662                                       void *opaque);
663 
664 typedef struct {
665     /* Optional: fine tune start parameters */
666     MigrateStart start;
667 
668     /* Required: the URI for the dst QEMU to listen on */
669     const char *listen_uri;
670 
671     /*
672      * Optional: the URI for the src QEMU to connect to
673      * If NULL, then it will query the dst QEMU for its actual
674      * listening address and use that as the connect address.
675      * This allows for dynamically picking a free TCP port.
676      */
677     const char *connect_uri;
678 
679     /* Optional: callback to run at start to set migration parameters */
680     TestMigrateStartHook start_hook;
681     /* Optional: callback to run at finish to cleanup */
682     TestMigrateFinishHook finish_hook;
683 
684     /*
685      * Optional: normally we expect the migration process to complete.
686      *
687      * There can be a variety of reasons and stages in which failure
688      * can happen during tests.
689      *
690      * If a failure is expected to happen at time of establishing
691      * the connection, then MIG_TEST_FAIL will indicate that the dst
692      * QEMU is expected to stay running and accept future migration
693      * connections.
694      *
695      * If a failure is expected to happen while processing the
696      * migration stream, then MIG_TEST_FAIL_DEST_QUIT_ERR will indicate
697      * that the dst QEMU is expected to quit with non-zero exit status
698      */
699     enum {
700         /* This test should succeed, the default */
701         MIG_TEST_SUCCEED = 0,
702         /* This test should fail, dest qemu should keep alive */
703         MIG_TEST_FAIL,
704         /* This test should fail, dest qemu should fail with abnormal status */
705         MIG_TEST_FAIL_DEST_QUIT_ERR,
706         /* The QMP command for this migration should fail with an error */
707         MIG_TEST_QMP_ERROR,
708     } result;
709 
710     /*
711      * Optional: set number of migration passes to wait for, if live==true.
712      * If zero, then merely wait for a few MB of dirty data
713      */
714     unsigned int iterations;
715 
716     /*
717      * Optional: whether the guest CPUs should be running during a precopy
718      * migration test.  We used to always run with live but it took much
719      * longer so we reduced live tests to only the ones that have solid
720      * reason to be tested live-only.  For each of the new test cases for
721      * precopy please provide justifications to use live explicitly (please
722      * refer to existing ones with live=true), or use live=off by default.
723      */
724     bool live;
725 
726     /* Postcopy specific fields */
727     void *postcopy_data;
728     bool postcopy_preempt;
729 } MigrateCommon;
730 
731 static int test_migrate_start(QTestState **from, QTestState **to,
732                               const char *uri, MigrateStart *args)
733 {
734     g_autofree gchar *arch_source = NULL;
735     g_autofree gchar *arch_target = NULL;
736     /* options for source and target */
737     g_autofree gchar *arch_opts = NULL;
738     g_autofree gchar *cmd_source = NULL;
739     g_autofree gchar *cmd_target = NULL;
740     const gchar *ignore_stderr;
741     g_autofree char *shmem_opts = NULL;
742     g_autofree char *shmem_path = NULL;
743     const char *kvm_opts = NULL;
744     const char *arch = qtest_get_arch();
745     const char *memory_size;
746 
747     if (args->use_shmem) {
748         if (!g_file_test("/dev/shm", G_FILE_TEST_IS_DIR)) {
749             g_test_skip("/dev/shm is not supported");
750             return -1;
751         }
752     }
753 
754     got_src_stop = false;
755     got_dst_resume = false;
756     if (strcmp(arch, "i386") == 0 || strcmp(arch, "x86_64") == 0) {
757         memory_size = "150M";
758         arch_opts = g_strdup_printf("-drive file=%s,format=raw", bootpath);
759         start_address = X86_TEST_MEM_START;
760         end_address = X86_TEST_MEM_END;
761     } else if (g_str_equal(arch, "s390x")) {
762         memory_size = "128M";
763         arch_opts = g_strdup_printf("-bios %s", bootpath);
764         start_address = S390_TEST_MEM_START;
765         end_address = S390_TEST_MEM_END;
766     } else if (strcmp(arch, "ppc64") == 0) {
767         memory_size = "256M";
768         start_address = PPC_TEST_MEM_START;
769         end_address = PPC_TEST_MEM_END;
770         arch_source = g_strdup_printf("-prom-env 'use-nvramrc?=true' -prom-env "
771                                       "'nvramrc=hex .\" _\" begin %x %x "
772                                       "do i c@ 1 + i c! 1000 +loop .\" B\" 0 "
773                                       "until'", end_address, start_address);
774         arch_opts = g_strdup("-nodefaults -machine vsmt=8");
775     } else if (strcmp(arch, "aarch64") == 0) {
776         memory_size = "150M";
777         arch_opts = g_strdup_printf("-machine virt,gic-version=max -cpu max "
778                                     "-kernel %s", bootpath);
779         start_address = ARM_TEST_MEM_START;
780         end_address = ARM_TEST_MEM_END;
781     } else {
782         g_assert_not_reached();
783     }
784 
785     if (!getenv("QTEST_LOG") && args->hide_stderr) {
786 #ifndef _WIN32
787         ignore_stderr = "2>/dev/null";
788 #else
789         /*
790          * On Windows the QEMU executable is created via CreateProcess() and
791          * IO redirection does not work, so don't bother adding IO redirection
792          * to the command line.
793          */
794         ignore_stderr = "";
795 #endif
796     } else {
797         ignore_stderr = "";
798     }
799 
800     if (args->use_shmem) {
801         shmem_path = g_strdup_printf("/dev/shm/qemu-%d", getpid());
802         shmem_opts = g_strdup_printf(
803             "-object memory-backend-file,id=mem0,size=%s"
804             ",mem-path=%s,share=on -numa node,memdev=mem0",
805             memory_size, shmem_path);
806     }
807 
808     if (args->use_dirty_ring) {
809         kvm_opts = ",dirty-ring-size=4096";
810     }
811 
812     cmd_source = g_strdup_printf("-accel kvm%s -accel tcg "
813                                  "-name source,debug-threads=on "
814                                  "-m %s "
815                                  "-serial file:%s/src_serial "
816                                  "%s %s %s %s %s",
817                                  kvm_opts ? kvm_opts : "",
818                                  memory_size, tmpfs,
819                                  arch_opts ? arch_opts : "",
820                                  arch_source ? arch_source : "",
821                                  shmem_opts ? shmem_opts : "",
822                                  args->opts_source ? args->opts_source : "",
823                                  ignore_stderr);
824     if (!args->only_target) {
825         *from = qtest_init(cmd_source);
826         qtest_qmp_set_event_callback(*from,
827                                      migrate_watch_for_stop,
828                                      &got_src_stop);
829     }
830 
831     cmd_target = g_strdup_printf("-accel kvm%s -accel tcg "
832                                  "-name target,debug-threads=on "
833                                  "-m %s "
834                                  "-serial file:%s/dest_serial "
835                                  "-incoming %s "
836                                  "%s %s %s %s %s",
837                                  kvm_opts ? kvm_opts : "",
838                                  memory_size, tmpfs, uri,
839                                  arch_opts ? arch_opts : "",
840                                  arch_target ? arch_target : "",
841                                  shmem_opts ? shmem_opts : "",
842                                  args->opts_target ? args->opts_target : "",
843                                  ignore_stderr);
844     *to = qtest_init(cmd_target);
845     qtest_qmp_set_event_callback(*to,
846                                  migrate_watch_for_resume,
847                                  &got_dst_resume);
848 
849     /*
850      * Remove shmem file immediately to avoid memory leak in test failed case.
851      * It's valid because QEMU has already opened this file
852      */
853     if (args->use_shmem) {
854         unlink(shmem_path);
855     }
856 
857     return 0;
858 }
859 
860 static void test_migrate_end(QTestState *from, QTestState *to, bool test_dest)
861 {
862     unsigned char dest_byte_a, dest_byte_b, dest_byte_c, dest_byte_d;
863 
864     qtest_quit(from);
865 
866     if (test_dest) {
867         qtest_memread(to, start_address, &dest_byte_a, 1);
868 
869         /* Destination still running, wait for a byte to change */
870         do {
871             qtest_memread(to, start_address, &dest_byte_b, 1);
872             usleep(1000 * 10);
873         } while (dest_byte_a == dest_byte_b);
874 
875         qtest_qmp_assert_success(to, "{ 'execute' : 'stop'}");
876 
877         /* With it stopped, check nothing changes */
878         qtest_memread(to, start_address, &dest_byte_c, 1);
879         usleep(1000 * 200);
880         qtest_memread(to, start_address, &dest_byte_d, 1);
881         g_assert_cmpint(dest_byte_c, ==, dest_byte_d);
882 
883         check_guests_ram(to);
884     }
885 
886     qtest_quit(to);
887 
888     cleanup("migsocket");
889     cleanup("src_serial");
890     cleanup("dest_serial");
891     cleanup(FILE_TEST_FILENAME);
892 }
893 
894 #ifdef CONFIG_GNUTLS
895 struct TestMigrateTLSPSKData {
896     char *workdir;
897     char *workdiralt;
898     char *pskfile;
899     char *pskfilealt;
900 };
901 
902 static void *
903 test_migrate_tls_psk_start_common(QTestState *from,
904                                   QTestState *to,
905                                   bool mismatch)
906 {
907     struct TestMigrateTLSPSKData *data =
908         g_new0(struct TestMigrateTLSPSKData, 1);
909 
910     data->workdir = g_strdup_printf("%s/tlscredspsk0", tmpfs);
911     data->pskfile = g_strdup_printf("%s/%s", data->workdir,
912                                     QCRYPTO_TLS_CREDS_PSKFILE);
913     g_mkdir_with_parents(data->workdir, 0700);
914     test_tls_psk_init(data->pskfile);
915 
916     if (mismatch) {
917         data->workdiralt = g_strdup_printf("%s/tlscredspskalt0", tmpfs);
918         data->pskfilealt = g_strdup_printf("%s/%s", data->workdiralt,
919                                            QCRYPTO_TLS_CREDS_PSKFILE);
920         g_mkdir_with_parents(data->workdiralt, 0700);
921         test_tls_psk_init_alt(data->pskfilealt);
922     }
923 
924     qtest_qmp_assert_success(from,
925                              "{ 'execute': 'object-add',"
926                              "  'arguments': { 'qom-type': 'tls-creds-psk',"
927                              "                 'id': 'tlscredspsk0',"
928                              "                 'endpoint': 'client',"
929                              "                 'dir': %s,"
930                              "                 'username': 'qemu'} }",
931                              data->workdir);
932 
933     qtest_qmp_assert_success(to,
934                              "{ 'execute': 'object-add',"
935                              "  'arguments': { 'qom-type': 'tls-creds-psk',"
936                              "                 'id': 'tlscredspsk0',"
937                              "                 'endpoint': 'server',"
938                              "                 'dir': %s } }",
939                              mismatch ? data->workdiralt : data->workdir);
940 
941     migrate_set_parameter_str(from, "tls-creds", "tlscredspsk0");
942     migrate_set_parameter_str(to, "tls-creds", "tlscredspsk0");
943 
944     return data;
945 }
946 
947 static void *
948 test_migrate_tls_psk_start_match(QTestState *from,
949                                  QTestState *to)
950 {
951     return test_migrate_tls_psk_start_common(from, to, false);
952 }
953 
954 static void *
955 test_migrate_tls_psk_start_mismatch(QTestState *from,
956                                     QTestState *to)
957 {
958     return test_migrate_tls_psk_start_common(from, to, true);
959 }
960 
961 static void
962 test_migrate_tls_psk_finish(QTestState *from,
963                             QTestState *to,
964                             void *opaque)
965 {
966     struct TestMigrateTLSPSKData *data = opaque;
967 
968     test_tls_psk_cleanup(data->pskfile);
969     if (data->pskfilealt) {
970         test_tls_psk_cleanup(data->pskfilealt);
971     }
972     rmdir(data->workdir);
973     if (data->workdiralt) {
974         rmdir(data->workdiralt);
975     }
976 
977     g_free(data->workdiralt);
978     g_free(data->pskfilealt);
979     g_free(data->workdir);
980     g_free(data->pskfile);
981     g_free(data);
982 }
983 
984 #ifdef CONFIG_TASN1
985 typedef struct {
986     char *workdir;
987     char *keyfile;
988     char *cacert;
989     char *servercert;
990     char *serverkey;
991     char *clientcert;
992     char *clientkey;
993 } TestMigrateTLSX509Data;
994 
995 typedef struct {
996     bool verifyclient;
997     bool clientcert;
998     bool hostileclient;
999     bool authzclient;
1000     const char *certhostname;
1001     const char *certipaddr;
1002 } TestMigrateTLSX509;
1003 
1004 static void *
1005 test_migrate_tls_x509_start_common(QTestState *from,
1006                                    QTestState *to,
1007                                    TestMigrateTLSX509 *args)
1008 {
1009     TestMigrateTLSX509Data *data = g_new0(TestMigrateTLSX509Data, 1);
1010 
1011     data->workdir = g_strdup_printf("%s/tlscredsx5090", tmpfs);
1012     data->keyfile = g_strdup_printf("%s/key.pem", data->workdir);
1013 
1014     data->cacert = g_strdup_printf("%s/ca-cert.pem", data->workdir);
1015     data->serverkey = g_strdup_printf("%s/server-key.pem", data->workdir);
1016     data->servercert = g_strdup_printf("%s/server-cert.pem", data->workdir);
1017     if (args->clientcert) {
1018         data->clientkey = g_strdup_printf("%s/client-key.pem", data->workdir);
1019         data->clientcert = g_strdup_printf("%s/client-cert.pem", data->workdir);
1020     }
1021 
1022     g_mkdir_with_parents(data->workdir, 0700);
1023 
1024     test_tls_init(data->keyfile);
1025 #ifndef _WIN32
1026     g_assert(link(data->keyfile, data->serverkey) == 0);
1027 #else
1028     g_assert(CreateHardLink(data->serverkey, data->keyfile, NULL) != 0);
1029 #endif
1030     if (args->clientcert) {
1031 #ifndef _WIN32
1032         g_assert(link(data->keyfile, data->clientkey) == 0);
1033 #else
1034         g_assert(CreateHardLink(data->clientkey, data->keyfile, NULL) != 0);
1035 #endif
1036     }
1037 
1038     TLS_ROOT_REQ_SIMPLE(cacertreq, data->cacert);
1039     if (args->clientcert) {
1040         TLS_CERT_REQ_SIMPLE_CLIENT(servercertreq, cacertreq,
1041                                    args->hostileclient ?
1042                                    QCRYPTO_TLS_TEST_CLIENT_HOSTILE_NAME :
1043                                    QCRYPTO_TLS_TEST_CLIENT_NAME,
1044                                    data->clientcert);
1045     }
1046 
1047     TLS_CERT_REQ_SIMPLE_SERVER(clientcertreq, cacertreq,
1048                                data->servercert,
1049                                args->certhostname,
1050                                args->certipaddr);
1051 
1052     qtest_qmp_assert_success(from,
1053                              "{ 'execute': 'object-add',"
1054                              "  'arguments': { 'qom-type': 'tls-creds-x509',"
1055                              "                 'id': 'tlscredsx509client0',"
1056                              "                 'endpoint': 'client',"
1057                              "                 'dir': %s,"
1058                              "                 'sanity-check': true,"
1059                              "                 'verify-peer': true} }",
1060                              data->workdir);
1061     migrate_set_parameter_str(from, "tls-creds", "tlscredsx509client0");
1062     if (args->certhostname) {
1063         migrate_set_parameter_str(from, "tls-hostname", args->certhostname);
1064     }
1065 
1066     qtest_qmp_assert_success(to,
1067                              "{ 'execute': 'object-add',"
1068                              "  'arguments': { 'qom-type': 'tls-creds-x509',"
1069                              "                 'id': 'tlscredsx509server0',"
1070                              "                 'endpoint': 'server',"
1071                              "                 'dir': %s,"
1072                              "                 'sanity-check': true,"
1073                              "                 'verify-peer': %i} }",
1074                              data->workdir, args->verifyclient);
1075     migrate_set_parameter_str(to, "tls-creds", "tlscredsx509server0");
1076 
1077     if (args->authzclient) {
1078         qtest_qmp_assert_success(to,
1079                                  "{ 'execute': 'object-add',"
1080                                  "  'arguments': { 'qom-type': 'authz-simple',"
1081                                  "                 'id': 'tlsauthz0',"
1082                                  "                 'identity': %s} }",
1083                                  "CN=" QCRYPTO_TLS_TEST_CLIENT_NAME);
1084         migrate_set_parameter_str(to, "tls-authz", "tlsauthz0");
1085     }
1086 
1087     return data;
1088 }
1089 
1090 /*
1091  * The normal case: match server's cert hostname against
1092  * whatever host we were telling QEMU to connect to (if any)
1093  */
1094 static void *
1095 test_migrate_tls_x509_start_default_host(QTestState *from,
1096                                          QTestState *to)
1097 {
1098     TestMigrateTLSX509 args = {
1099         .verifyclient = true,
1100         .clientcert = true,
1101         .certipaddr = "127.0.0.1"
1102     };
1103     return test_migrate_tls_x509_start_common(from, to, &args);
1104 }
1105 
1106 /*
1107  * The unusual case: the server's cert is different from
1108  * the address we're telling QEMU to connect to (if any),
1109  * so we must give QEMU an explicit hostname to validate
1110  */
1111 static void *
1112 test_migrate_tls_x509_start_override_host(QTestState *from,
1113                                           QTestState *to)
1114 {
1115     TestMigrateTLSX509 args = {
1116         .verifyclient = true,
1117         .clientcert = true,
1118         .certhostname = "qemu.org",
1119     };
1120     return test_migrate_tls_x509_start_common(from, to, &args);
1121 }
1122 
1123 /*
1124  * The unusual case: the server's cert is different from
1125  * the address we're telling QEMU to connect to, and so we
1126  * expect the client to reject the server
1127  */
1128 static void *
1129 test_migrate_tls_x509_start_mismatch_host(QTestState *from,
1130                                           QTestState *to)
1131 {
1132     TestMigrateTLSX509 args = {
1133         .verifyclient = true,
1134         .clientcert = true,
1135         .certipaddr = "10.0.0.1",
1136     };
1137     return test_migrate_tls_x509_start_common(from, to, &args);
1138 }
1139 
1140 static void *
1141 test_migrate_tls_x509_start_friendly_client(QTestState *from,
1142                                             QTestState *to)
1143 {
1144     TestMigrateTLSX509 args = {
1145         .verifyclient = true,
1146         .clientcert = true,
1147         .authzclient = true,
1148         .certipaddr = "127.0.0.1",
1149     };
1150     return test_migrate_tls_x509_start_common(from, to, &args);
1151 }
1152 
1153 static void *
1154 test_migrate_tls_x509_start_hostile_client(QTestState *from,
1155                                            QTestState *to)
1156 {
1157     TestMigrateTLSX509 args = {
1158         .verifyclient = true,
1159         .clientcert = true,
1160         .hostileclient = true,
1161         .authzclient = true,
1162         .certipaddr = "127.0.0.1",
1163     };
1164     return test_migrate_tls_x509_start_common(from, to, &args);
1165 }
1166 
1167 /*
1168  * The case with no client certificate presented,
1169  * and no server verification
1170  */
1171 static void *
1172 test_migrate_tls_x509_start_allow_anon_client(QTestState *from,
1173                                               QTestState *to)
1174 {
1175     TestMigrateTLSX509 args = {
1176         .certipaddr = "127.0.0.1",
1177     };
1178     return test_migrate_tls_x509_start_common(from, to, &args);
1179 }
1180 
1181 /*
1182  * The case with no client certificate presented,
1183  * and server verification rejecting
1184  */
1185 static void *
1186 test_migrate_tls_x509_start_reject_anon_client(QTestState *from,
1187                                                QTestState *to)
1188 {
1189     TestMigrateTLSX509 args = {
1190         .verifyclient = true,
1191         .certipaddr = "127.0.0.1",
1192     };
1193     return test_migrate_tls_x509_start_common(from, to, &args);
1194 }
1195 
1196 static void
1197 test_migrate_tls_x509_finish(QTestState *from,
1198                              QTestState *to,
1199                              void *opaque)
1200 {
1201     TestMigrateTLSX509Data *data = opaque;
1202 
1203     test_tls_cleanup(data->keyfile);
1204     g_free(data->keyfile);
1205 
1206     unlink(data->cacert);
1207     g_free(data->cacert);
1208     unlink(data->servercert);
1209     g_free(data->servercert);
1210     unlink(data->serverkey);
1211     g_free(data->serverkey);
1212 
1213     if (data->clientcert) {
1214         unlink(data->clientcert);
1215         g_free(data->clientcert);
1216     }
1217     if (data->clientkey) {
1218         unlink(data->clientkey);
1219         g_free(data->clientkey);
1220     }
1221 
1222     rmdir(data->workdir);
1223     g_free(data->workdir);
1224 
1225     g_free(data);
1226 }
1227 #endif /* CONFIG_TASN1 */
1228 #endif /* CONFIG_GNUTLS */
1229 
1230 static void *
1231 test_migrate_compress_start(QTestState *from,
1232                             QTestState *to)
1233 {
1234     migrate_set_parameter_int(from, "compress-level", 1);
1235     migrate_set_parameter_int(from, "compress-threads", 4);
1236     migrate_set_parameter_bool(from, "compress-wait-thread", true);
1237     migrate_set_parameter_int(to, "decompress-threads", 4);
1238 
1239     migrate_set_capability(from, "compress", true);
1240     migrate_set_capability(to, "compress", true);
1241 
1242     return NULL;
1243 }
1244 
1245 static void *
1246 test_migrate_compress_nowait_start(QTestState *from,
1247                                    QTestState *to)
1248 {
1249     migrate_set_parameter_int(from, "compress-level", 9);
1250     migrate_set_parameter_int(from, "compress-threads", 1);
1251     migrate_set_parameter_bool(from, "compress-wait-thread", false);
1252     migrate_set_parameter_int(to, "decompress-threads", 1);
1253 
1254     migrate_set_capability(from, "compress", true);
1255     migrate_set_capability(to, "compress", true);
1256 
1257     return NULL;
1258 }
1259 
1260 static int migrate_postcopy_prepare(QTestState **from_ptr,
1261                                     QTestState **to_ptr,
1262                                     MigrateCommon *args)
1263 {
1264     QTestState *from, *to;
1265 
1266     if (test_migrate_start(&from, &to, "defer", &args->start)) {
1267         return -1;
1268     }
1269 
1270     if (args->start_hook) {
1271         args->postcopy_data = args->start_hook(from, to);
1272     }
1273 
1274     migrate_set_capability(from, "postcopy-ram", true);
1275     migrate_set_capability(to, "postcopy-ram", true);
1276     migrate_set_capability(to, "postcopy-blocktime", true);
1277 
1278     if (args->postcopy_preempt) {
1279         migrate_set_capability(from, "postcopy-preempt", true);
1280         migrate_set_capability(to, "postcopy-preempt", true);
1281     }
1282 
1283     migrate_ensure_non_converge(from);
1284 
1285     migrate_prepare_for_dirty_mem(from);
1286     qtest_qmp_assert_success(to, "{ 'execute': 'migrate-incoming',"
1287                              "  'arguments': { 'uri': 'tcp:127.0.0.1:0' }}");
1288 
1289     /* Wait for the first serial output from the source */
1290     wait_for_serial("src_serial");
1291 
1292     g_autofree char *uri = migrate_get_socket_address(to, "socket-address");
1293     migrate_qmp(from, uri, "{}");
1294 
1295     migrate_wait_for_dirty_mem(from, to);
1296 
1297     *from_ptr = from;
1298     *to_ptr = to;
1299 
1300     return 0;
1301 }
1302 
1303 static void migrate_postcopy_complete(QTestState *from, QTestState *to,
1304                                       MigrateCommon *args)
1305 {
1306     wait_for_migration_complete(from);
1307 
1308     /* Make sure we get at least one "B" on destination */
1309     wait_for_serial("dest_serial");
1310 
1311     if (uffd_feature_thread_id) {
1312         read_blocktime(to);
1313     }
1314 
1315     if (args->finish_hook) {
1316         args->finish_hook(from, to, args->postcopy_data);
1317         args->postcopy_data = NULL;
1318     }
1319 
1320     test_migrate_end(from, to, true);
1321 }
1322 
1323 static void test_postcopy_common(MigrateCommon *args)
1324 {
1325     QTestState *from, *to;
1326 
1327     if (migrate_postcopy_prepare(&from, &to, args)) {
1328         return;
1329     }
1330     migrate_postcopy_start(from, to);
1331     migrate_postcopy_complete(from, to, args);
1332 }
1333 
1334 static void test_postcopy(void)
1335 {
1336     MigrateCommon args = { };
1337 
1338     test_postcopy_common(&args);
1339 }
1340 
1341 static void test_postcopy_compress(void)
1342 {
1343     MigrateCommon args = {
1344         .start_hook = test_migrate_compress_start
1345     };
1346 
1347     test_postcopy_common(&args);
1348 }
1349 
1350 static void test_postcopy_preempt(void)
1351 {
1352     MigrateCommon args = {
1353         .postcopy_preempt = true,
1354     };
1355 
1356     test_postcopy_common(&args);
1357 }
1358 
1359 #ifdef CONFIG_GNUTLS
1360 static void test_postcopy_tls_psk(void)
1361 {
1362     MigrateCommon args = {
1363         .start_hook = test_migrate_tls_psk_start_match,
1364         .finish_hook = test_migrate_tls_psk_finish,
1365     };
1366 
1367     test_postcopy_common(&args);
1368 }
1369 
1370 static void test_postcopy_preempt_tls_psk(void)
1371 {
1372     MigrateCommon args = {
1373         .postcopy_preempt = true,
1374         .start_hook = test_migrate_tls_psk_start_match,
1375         .finish_hook = test_migrate_tls_psk_finish,
1376     };
1377 
1378     test_postcopy_common(&args);
1379 }
1380 #endif
1381 
1382 static void test_postcopy_recovery_common(MigrateCommon *args)
1383 {
1384     QTestState *from, *to;
1385     g_autofree char *uri = NULL;
1386 
1387     /* Always hide errors for postcopy recover tests since they're expected */
1388     args->start.hide_stderr = true;
1389 
1390     if (migrate_postcopy_prepare(&from, &to, args)) {
1391         return;
1392     }
1393 
1394     /* Turn postcopy speed down, 4K/s is slow enough on any machines */
1395     migrate_set_parameter_int(from, "max-postcopy-bandwidth", 4096);
1396 
1397     /* Now we start the postcopy */
1398     migrate_postcopy_start(from, to);
1399 
1400     /*
1401      * Wait until postcopy is really started; we can only run the
1402      * migrate-pause command during a postcopy
1403      */
1404     wait_for_migration_status(from, "postcopy-active", NULL);
1405 
1406     /*
1407      * Manually stop the postcopy migration. This emulates a network
1408      * failure with the migration socket
1409      */
1410     migrate_pause(from);
1411 
1412     /*
1413      * Wait for destination side to reach postcopy-paused state.  The
1414      * migrate-recover command can only succeed if destination machine
1415      * is in the paused state
1416      */
1417     wait_for_migration_status(to, "postcopy-paused",
1418                               (const char * []) { "failed", "active",
1419                                                   "completed", NULL });
1420 
1421     /*
1422      * Create a new socket to emulate a new channel that is different
1423      * from the broken migration channel; tell the destination to
1424      * listen to the new port
1425      */
1426     uri = g_strdup_printf("unix:%s/migsocket-recover", tmpfs);
1427     migrate_recover(to, uri);
1428 
1429     /*
1430      * Try to rebuild the migration channel using the resume flag and
1431      * the newly created channel
1432      */
1433     wait_for_migration_status(from, "postcopy-paused",
1434                               (const char * []) { "failed", "active",
1435                                                   "completed", NULL });
1436     migrate_qmp(from, uri, "{'resume': true}");
1437 
1438     /* Restore the postcopy bandwidth to unlimited */
1439     migrate_set_parameter_int(from, "max-postcopy-bandwidth", 0);
1440 
1441     migrate_postcopy_complete(from, to, args);
1442 }
1443 
1444 static void test_postcopy_recovery(void)
1445 {
1446     MigrateCommon args = { };
1447 
1448     test_postcopy_recovery_common(&args);
1449 }
1450 
1451 static void test_postcopy_recovery_compress(void)
1452 {
1453     MigrateCommon args = {
1454         .start_hook = test_migrate_compress_start
1455     };
1456 
1457     test_postcopy_recovery_common(&args);
1458 }
1459 
1460 #ifdef CONFIG_GNUTLS
1461 static void test_postcopy_recovery_tls_psk(void)
1462 {
1463     MigrateCommon args = {
1464         .start_hook = test_migrate_tls_psk_start_match,
1465         .finish_hook = test_migrate_tls_psk_finish,
1466     };
1467 
1468     test_postcopy_recovery_common(&args);
1469 }
1470 #endif
1471 
1472 static void test_postcopy_preempt_recovery(void)
1473 {
1474     MigrateCommon args = {
1475         .postcopy_preempt = true,
1476     };
1477 
1478     test_postcopy_recovery_common(&args);
1479 }
1480 
1481 #ifdef CONFIG_GNUTLS
1482 /* This contains preempt+recovery+tls test altogether */
1483 static void test_postcopy_preempt_all(void)
1484 {
1485     MigrateCommon args = {
1486         .postcopy_preempt = true,
1487         .start_hook = test_migrate_tls_psk_start_match,
1488         .finish_hook = test_migrate_tls_psk_finish,
1489     };
1490 
1491     test_postcopy_recovery_common(&args);
1492 }
1493 
1494 #endif
1495 
1496 static void test_baddest(void)
1497 {
1498     MigrateStart args = {
1499         .hide_stderr = true
1500     };
1501     QTestState *from, *to;
1502 
1503     if (test_migrate_start(&from, &to, "tcp:127.0.0.1:0", &args)) {
1504         return;
1505     }
1506     migrate_qmp(from, "tcp:127.0.0.1:0", "{}");
1507     wait_for_migration_fail(from, false);
1508     test_migrate_end(from, to, false);
1509 }
1510 
1511 #ifndef _WIN32
1512 static void test_analyze_script(void)
1513 {
1514     MigrateStart args = {
1515         .opts_source = "-uuid 11111111-1111-1111-1111-111111111111",
1516     };
1517     QTestState *from, *to;
1518     g_autofree char *uri = NULL;
1519     g_autofree char *file = NULL;
1520     int pid, wstatus;
1521     const char *python = g_getenv("PYTHON");
1522 
1523     if (!python) {
1524         g_test_skip("PYTHON variable not set");
1525         return;
1526     }
1527 
1528     /* dummy url */
1529     if (test_migrate_start(&from, &to, "tcp:127.0.0.1:0", &args)) {
1530         return;
1531     }
1532 
1533     /*
1534      * Setting these two capabilities causes the "configuration"
1535      * vmstate to include subsections for them. The script needs to
1536      * parse those subsections properly.
1537      */
1538     migrate_set_capability(from, "validate-uuid", true);
1539     migrate_set_capability(from, "x-ignore-shared", true);
1540 
1541     file = g_strdup_printf("%s/migfile", tmpfs);
1542     uri = g_strdup_printf("exec:cat > %s", file);
1543 
1544     migrate_ensure_converge(from);
1545     migrate_qmp(from, uri, "{}");
1546     wait_for_migration_complete(from);
1547 
1548     pid = fork();
1549     if (!pid) {
1550         close(1);
1551         open("/dev/null", O_WRONLY);
1552         execl(python, python, ANALYZE_SCRIPT, "-f", file, NULL);
1553         g_assert_not_reached();
1554     }
1555 
1556     g_assert(waitpid(pid, &wstatus, 0) == pid);
1557     if (WIFEXITED(wstatus) && WEXITSTATUS(wstatus) != 0) {
1558         g_test_message("Failed to analyze the migration stream");
1559         g_test_fail();
1560     }
1561     test_migrate_end(from, to, false);
1562     cleanup("migfile");
1563 }
1564 #endif
1565 
1566 static void test_precopy_common(MigrateCommon *args)
1567 {
1568     QTestState *from, *to;
1569     void *data_hook = NULL;
1570     g_autofree char *connect_uri = NULL;
1571 
1572     if (test_migrate_start(&from, &to, args->listen_uri, &args->start)) {
1573         return;
1574     }
1575 
1576     if (args->start_hook) {
1577         data_hook = args->start_hook(from, to);
1578     }
1579 
1580     /* Wait for the first serial output from the source */
1581     if (args->result == MIG_TEST_SUCCEED) {
1582         wait_for_serial("src_serial");
1583     }
1584 
1585     if (args->live) {
1586         migrate_ensure_non_converge(from);
1587         migrate_prepare_for_dirty_mem(from);
1588     } else {
1589         /*
1590          * Testing non-live migration, we allow it to run at
1591          * full speed to ensure short test case duration.
1592          * For tests expected to fail, we don't need to
1593          * change anything.
1594          */
1595         if (args->result == MIG_TEST_SUCCEED) {
1596             qtest_qmp_assert_success(from, "{ 'execute' : 'stop'}");
1597             if (!got_src_stop) {
1598                 qtest_qmp_eventwait(from, "STOP");
1599             }
1600             migrate_ensure_converge(from);
1601         }
1602     }
1603 
1604     if (!args->connect_uri) {
1605         connect_uri = migrate_get_socket_address(to, "socket-address");
1606     } else {
1607         connect_uri = g_strdup(args->connect_uri);
1608     }
1609 
1610     if (args->result == MIG_TEST_QMP_ERROR) {
1611         migrate_qmp_fail(from, connect_uri, "{}");
1612         goto finish;
1613     }
1614 
1615     migrate_qmp(from, connect_uri, "{}");
1616 
1617     if (args->result != MIG_TEST_SUCCEED) {
1618         bool allow_active = args->result == MIG_TEST_FAIL;
1619         wait_for_migration_fail(from, allow_active);
1620 
1621         if (args->result == MIG_TEST_FAIL_DEST_QUIT_ERR) {
1622             qtest_set_expected_status(to, EXIT_FAILURE);
1623         }
1624     } else {
1625         if (args->live) {
1626             /*
1627              * For initial iteration(s) we must do a full pass,
1628              * but for the final iteration, we need only wait
1629              * for some dirty mem before switching to converge
1630              */
1631             while (args->iterations > 1) {
1632                 wait_for_migration_pass(from);
1633                 args->iterations--;
1634             }
1635             migrate_wait_for_dirty_mem(from, to);
1636 
1637             migrate_ensure_converge(from);
1638 
1639             /*
1640              * We do this first, as it has a timeout to stop us
1641              * hanging forever if migration didn't converge
1642              */
1643             wait_for_migration_complete(from);
1644 
1645             if (!got_src_stop) {
1646                 qtest_qmp_eventwait(from, "STOP");
1647             }
1648         } else {
1649             wait_for_migration_complete(from);
1650             /*
1651              * Must wait for dst to finish reading all incoming
1652              * data on the socket before issuing 'cont' otherwise
1653              * it'll be ignored
1654              */
1655             wait_for_migration_complete(to);
1656 
1657             qtest_qmp_assert_success(to, "{ 'execute' : 'cont'}");
1658         }
1659 
1660         if (!got_dst_resume) {
1661             qtest_qmp_eventwait(to, "RESUME");
1662         }
1663 
1664         wait_for_serial("dest_serial");
1665     }
1666 
1667 finish:
1668     if (args->finish_hook) {
1669         args->finish_hook(from, to, data_hook);
1670     }
1671 
1672     test_migrate_end(from, to, args->result == MIG_TEST_SUCCEED);
1673 }
1674 
1675 static void test_file_common(MigrateCommon *args, bool stop_src)
1676 {
1677     QTestState *from, *to;
1678     void *data_hook = NULL;
1679     g_autofree char *connect_uri = g_strdup(args->connect_uri);
1680 
1681     if (test_migrate_start(&from, &to, args->listen_uri, &args->start)) {
1682         return;
1683     }
1684 
1685     /*
1686      * File migration is never live. We can keep the source VM running
1687      * during migration, but the destination will not be running
1688      * concurrently.
1689      */
1690     g_assert_false(args->live);
1691 
1692     if (args->start_hook) {
1693         data_hook = args->start_hook(from, to);
1694     }
1695 
1696     migrate_ensure_converge(from);
1697     wait_for_serial("src_serial");
1698 
1699     if (stop_src) {
1700         qtest_qmp_assert_success(from, "{ 'execute' : 'stop'}");
1701         if (!got_src_stop) {
1702             qtest_qmp_eventwait(from, "STOP");
1703         }
1704     }
1705 
1706     if (args->result == MIG_TEST_QMP_ERROR) {
1707         migrate_qmp_fail(from, connect_uri, "{}");
1708         goto finish;
1709     }
1710 
1711     migrate_qmp(from, connect_uri, "{}");
1712     wait_for_migration_complete(from);
1713 
1714     /*
1715      * We need to wait for the source to finish before starting the
1716      * destination.
1717      */
1718     migrate_incoming_qmp(to, connect_uri, "{}");
1719     wait_for_migration_complete(to);
1720 
1721     if (stop_src) {
1722         qtest_qmp_assert_success(to, "{ 'execute' : 'cont'}");
1723     }
1724 
1725     if (!got_dst_resume) {
1726         qtest_qmp_eventwait(to, "RESUME");
1727     }
1728 
1729     wait_for_serial("dest_serial");
1730 
1731 finish:
1732     if (args->finish_hook) {
1733         args->finish_hook(from, to, data_hook);
1734     }
1735 
1736     test_migrate_end(from, to, args->result == MIG_TEST_SUCCEED);
1737 }
1738 
1739 static void test_precopy_unix_plain(void)
1740 {
1741     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1742     MigrateCommon args = {
1743         .listen_uri = uri,
1744         .connect_uri = uri,
1745         /*
1746          * The simplest use case of precopy, covering smoke tests of
1747          * get-dirty-log dirty tracking.
1748          */
1749         .live = true,
1750     };
1751 
1752     test_precopy_common(&args);
1753 }
1754 
1755 
1756 static void test_precopy_unix_dirty_ring(void)
1757 {
1758     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1759     MigrateCommon args = {
1760         .start = {
1761             .use_dirty_ring = true,
1762         },
1763         .listen_uri = uri,
1764         .connect_uri = uri,
1765         /*
1766          * Besides the precopy/unix basic test, cover dirty ring interface
1767          * rather than get-dirty-log.
1768          */
1769         .live = true,
1770     };
1771 
1772     test_precopy_common(&args);
1773 }
1774 
1775 #ifdef CONFIG_GNUTLS
1776 static void test_precopy_unix_tls_psk(void)
1777 {
1778     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1779     MigrateCommon args = {
1780         .connect_uri = uri,
1781         .listen_uri = uri,
1782         .start_hook = test_migrate_tls_psk_start_match,
1783         .finish_hook = test_migrate_tls_psk_finish,
1784     };
1785 
1786     test_precopy_common(&args);
1787 }
1788 
1789 #ifdef CONFIG_TASN1
1790 static void test_precopy_unix_tls_x509_default_host(void)
1791 {
1792     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1793     MigrateCommon args = {
1794         .start = {
1795             .hide_stderr = true,
1796         },
1797         .connect_uri = uri,
1798         .listen_uri = uri,
1799         .start_hook = test_migrate_tls_x509_start_default_host,
1800         .finish_hook = test_migrate_tls_x509_finish,
1801         .result = MIG_TEST_FAIL_DEST_QUIT_ERR,
1802     };
1803 
1804     test_precopy_common(&args);
1805 }
1806 
1807 static void test_precopy_unix_tls_x509_override_host(void)
1808 {
1809     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1810     MigrateCommon args = {
1811         .connect_uri = uri,
1812         .listen_uri = uri,
1813         .start_hook = test_migrate_tls_x509_start_override_host,
1814         .finish_hook = test_migrate_tls_x509_finish,
1815     };
1816 
1817     test_precopy_common(&args);
1818 }
1819 #endif /* CONFIG_TASN1 */
1820 #endif /* CONFIG_GNUTLS */
1821 
1822 #if 0
1823 /* Currently upset on aarch64 TCG */
1824 static void test_ignore_shared(void)
1825 {
1826     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1827     QTestState *from, *to;
1828 
1829     if (test_migrate_start(&from, &to, uri, false, true, NULL, NULL)) {
1830         return;
1831     }
1832 
1833     migrate_ensure_non_converge(from);
1834     migrate_prepare_for_dirty_mem(from);
1835 
1836     migrate_set_capability(from, "x-ignore-shared", true);
1837     migrate_set_capability(to, "x-ignore-shared", true);
1838 
1839     /* Wait for the first serial output from the source */
1840     wait_for_serial("src_serial");
1841 
1842     migrate_qmp(from, uri, "{}");
1843 
1844     migrate_wait_for_dirty_mem(from, to);
1845 
1846     if (!got_src_stop) {
1847         qtest_qmp_eventwait(from, "STOP");
1848     }
1849 
1850     qtest_qmp_eventwait(to, "RESUME");
1851 
1852     wait_for_serial("dest_serial");
1853     wait_for_migration_complete(from);
1854 
1855     /* Check whether shared RAM has been really skipped */
1856     g_assert_cmpint(read_ram_property_int(from, "transferred"), <, 1024 * 1024);
1857 
1858     test_migrate_end(from, to, true);
1859 }
1860 #endif
1861 
1862 static void *
1863 test_migrate_xbzrle_start(QTestState *from,
1864                           QTestState *to)
1865 {
1866     migrate_set_parameter_int(from, "xbzrle-cache-size", 33554432);
1867 
1868     migrate_set_capability(from, "xbzrle", true);
1869     migrate_set_capability(to, "xbzrle", true);
1870 
1871     return NULL;
1872 }
1873 
1874 static void test_precopy_unix_xbzrle(void)
1875 {
1876     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1877     MigrateCommon args = {
1878         .connect_uri = uri,
1879         .listen_uri = uri,
1880         .start_hook = test_migrate_xbzrle_start,
1881         .iterations = 2,
1882         /*
1883          * XBZRLE needs pages to be modified when doing the 2nd+ round
1884          * iteration to have real data pushed to the stream.
1885          */
1886         .live = true,
1887     };
1888 
1889     test_precopy_common(&args);
1890 }
1891 
1892 static void test_precopy_unix_compress(void)
1893 {
1894     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1895     MigrateCommon args = {
1896         .connect_uri = uri,
1897         .listen_uri = uri,
1898         .start_hook = test_migrate_compress_start,
1899         /*
1900          * Test that no invalid thread state is left over from
1901          * the previous iteration.
1902          */
1903         .iterations = 2,
1904         /*
1905          * We make sure the compressor can always work well even if guest
1906          * memory is changing.  See commit 34ab9e9743 where we used to fix
1907          * a bug when only trigger-able with guest memory changing.
1908          */
1909         .live = true,
1910     };
1911 
1912     test_precopy_common(&args);
1913 }
1914 
1915 static void test_precopy_unix_compress_nowait(void)
1916 {
1917     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1918     MigrateCommon args = {
1919         .connect_uri = uri,
1920         .listen_uri = uri,
1921         .start_hook = test_migrate_compress_nowait_start,
1922         /*
1923          * Test that no invalid thread state is left over from
1924          * the previous iteration.
1925          */
1926         .iterations = 2,
1927         /* Same reason for the wait version of precopy compress test */
1928         .live = true,
1929     };
1930 
1931     test_precopy_common(&args);
1932 }
1933 
1934 static void test_precopy_file(void)
1935 {
1936     g_autofree char *uri = g_strdup_printf("file:%s/%s", tmpfs,
1937                                            FILE_TEST_FILENAME);
1938     MigrateCommon args = {
1939         .connect_uri = uri,
1940         .listen_uri = "defer",
1941     };
1942 
1943     test_file_common(&args, true);
1944 }
1945 
1946 static void file_offset_finish_hook(QTestState *from, QTestState *to,
1947                                     void *opaque)
1948 {
1949 #if defined(__linux__)
1950     g_autofree char *path = g_strdup_printf("%s/%s", tmpfs, FILE_TEST_FILENAME);
1951     size_t size = FILE_TEST_OFFSET + sizeof(QEMU_VM_FILE_MAGIC);
1952     uintptr_t *addr, *p;
1953     int fd;
1954 
1955     fd = open(path, O_RDONLY);
1956     g_assert(fd != -1);
1957     addr = mmap(NULL, size, PROT_READ, MAP_SHARED, fd, 0);
1958     g_assert(addr != MAP_FAILED);
1959 
1960     /*
1961      * Ensure the skipped offset contains zeros and the migration
1962      * stream starts at the right place.
1963      */
1964     p = addr;
1965     while (p < addr + FILE_TEST_OFFSET / sizeof(uintptr_t)) {
1966         g_assert(*p == 0);
1967         p++;
1968     }
1969     g_assert_cmpint(cpu_to_be64(*p) >> 32, ==, QEMU_VM_FILE_MAGIC);
1970 
1971     munmap(addr, size);
1972     close(fd);
1973 #endif
1974 }
1975 
1976 static void test_precopy_file_offset(void)
1977 {
1978     g_autofree char *uri = g_strdup_printf("file:%s/%s,offset=%d", tmpfs,
1979                                            FILE_TEST_FILENAME,
1980                                            FILE_TEST_OFFSET);
1981     MigrateCommon args = {
1982         .connect_uri = uri,
1983         .listen_uri = "defer",
1984         .finish_hook = file_offset_finish_hook,
1985     };
1986 
1987     test_file_common(&args, false);
1988 }
1989 
1990 static void test_precopy_file_offset_bad(void)
1991 {
1992     /* using a value not supported by qemu_strtosz() */
1993     g_autofree char *uri = g_strdup_printf("file:%s/%s,offset=0x20M",
1994                                            tmpfs, FILE_TEST_FILENAME);
1995     MigrateCommon args = {
1996         .connect_uri = uri,
1997         .listen_uri = "defer",
1998         .result = MIG_TEST_QMP_ERROR,
1999     };
2000 
2001     test_file_common(&args, false);
2002 }
2003 
2004 static void test_precopy_tcp_plain(void)
2005 {
2006     MigrateCommon args = {
2007         .listen_uri = "tcp:127.0.0.1:0",
2008     };
2009 
2010     test_precopy_common(&args);
2011 }
2012 
2013 static void *test_migrate_switchover_ack_start(QTestState *from, QTestState *to)
2014 {
2015 
2016     migrate_set_capability(from, "return-path", true);
2017     migrate_set_capability(to, "return-path", true);
2018 
2019     migrate_set_capability(from, "switchover-ack", true);
2020     migrate_set_capability(to, "switchover-ack", true);
2021 
2022     return NULL;
2023 }
2024 
2025 static void test_precopy_tcp_switchover_ack(void)
2026 {
2027     MigrateCommon args = {
2028         .listen_uri = "tcp:127.0.0.1:0",
2029         .start_hook = test_migrate_switchover_ack_start,
2030         /*
2031          * Source VM must be running in order to consider the switchover ACK
2032          * when deciding to do switchover or not.
2033          */
2034         .live = true,
2035     };
2036 
2037     test_precopy_common(&args);
2038 }
2039 
2040 #ifdef CONFIG_GNUTLS
2041 static void test_precopy_tcp_tls_psk_match(void)
2042 {
2043     MigrateCommon args = {
2044         .listen_uri = "tcp:127.0.0.1:0",
2045         .start_hook = test_migrate_tls_psk_start_match,
2046         .finish_hook = test_migrate_tls_psk_finish,
2047     };
2048 
2049     test_precopy_common(&args);
2050 }
2051 
2052 static void test_precopy_tcp_tls_psk_mismatch(void)
2053 {
2054     MigrateCommon args = {
2055         .start = {
2056             .hide_stderr = true,
2057         },
2058         .listen_uri = "tcp:127.0.0.1:0",
2059         .start_hook = test_migrate_tls_psk_start_mismatch,
2060         .finish_hook = test_migrate_tls_psk_finish,
2061         .result = MIG_TEST_FAIL,
2062     };
2063 
2064     test_precopy_common(&args);
2065 }
2066 
2067 #ifdef CONFIG_TASN1
2068 static void test_precopy_tcp_tls_x509_default_host(void)
2069 {
2070     MigrateCommon args = {
2071         .listen_uri = "tcp:127.0.0.1:0",
2072         .start_hook = test_migrate_tls_x509_start_default_host,
2073         .finish_hook = test_migrate_tls_x509_finish,
2074     };
2075 
2076     test_precopy_common(&args);
2077 }
2078 
2079 static void test_precopy_tcp_tls_x509_override_host(void)
2080 {
2081     MigrateCommon args = {
2082         .listen_uri = "tcp:127.0.0.1:0",
2083         .start_hook = test_migrate_tls_x509_start_override_host,
2084         .finish_hook = test_migrate_tls_x509_finish,
2085     };
2086 
2087     test_precopy_common(&args);
2088 }
2089 
2090 static void test_precopy_tcp_tls_x509_mismatch_host(void)
2091 {
2092     MigrateCommon args = {
2093         .start = {
2094             .hide_stderr = true,
2095         },
2096         .listen_uri = "tcp:127.0.0.1:0",
2097         .start_hook = test_migrate_tls_x509_start_mismatch_host,
2098         .finish_hook = test_migrate_tls_x509_finish,
2099         .result = MIG_TEST_FAIL_DEST_QUIT_ERR,
2100     };
2101 
2102     test_precopy_common(&args);
2103 }
2104 
2105 static void test_precopy_tcp_tls_x509_friendly_client(void)
2106 {
2107     MigrateCommon args = {
2108         .listen_uri = "tcp:127.0.0.1:0",
2109         .start_hook = test_migrate_tls_x509_start_friendly_client,
2110         .finish_hook = test_migrate_tls_x509_finish,
2111     };
2112 
2113     test_precopy_common(&args);
2114 }
2115 
2116 static void test_precopy_tcp_tls_x509_hostile_client(void)
2117 {
2118     MigrateCommon args = {
2119         .start = {
2120             .hide_stderr = true,
2121         },
2122         .listen_uri = "tcp:127.0.0.1:0",
2123         .start_hook = test_migrate_tls_x509_start_hostile_client,
2124         .finish_hook = test_migrate_tls_x509_finish,
2125         .result = MIG_TEST_FAIL,
2126     };
2127 
2128     test_precopy_common(&args);
2129 }
2130 
2131 static void test_precopy_tcp_tls_x509_allow_anon_client(void)
2132 {
2133     MigrateCommon args = {
2134         .listen_uri = "tcp:127.0.0.1:0",
2135         .start_hook = test_migrate_tls_x509_start_allow_anon_client,
2136         .finish_hook = test_migrate_tls_x509_finish,
2137     };
2138 
2139     test_precopy_common(&args);
2140 }
2141 
2142 static void test_precopy_tcp_tls_x509_reject_anon_client(void)
2143 {
2144     MigrateCommon args = {
2145         .start = {
2146             .hide_stderr = true,
2147         },
2148         .listen_uri = "tcp:127.0.0.1:0",
2149         .start_hook = test_migrate_tls_x509_start_reject_anon_client,
2150         .finish_hook = test_migrate_tls_x509_finish,
2151         .result = MIG_TEST_FAIL,
2152     };
2153 
2154     test_precopy_common(&args);
2155 }
2156 #endif /* CONFIG_TASN1 */
2157 #endif /* CONFIG_GNUTLS */
2158 
2159 #ifndef _WIN32
2160 static void *test_migrate_fd_start_hook(QTestState *from,
2161                                         QTestState *to)
2162 {
2163     int ret;
2164     int pair[2];
2165 
2166     /* Create two connected sockets for migration */
2167     ret = qemu_socketpair(PF_LOCAL, SOCK_STREAM, 0, pair);
2168     g_assert_cmpint(ret, ==, 0);
2169 
2170     /* Send the 1st socket to the target */
2171     qtest_qmp_fds_assert_success(to, &pair[0], 1,
2172                                  "{ 'execute': 'getfd',"
2173                                  "  'arguments': { 'fdname': 'fd-mig' }}");
2174     close(pair[0]);
2175 
2176     /* Start incoming migration from the 1st socket */
2177     migrate_incoming_qmp(to, "fd:fd-mig", "{}");
2178 
2179     /* Send the 2nd socket to the target */
2180     qtest_qmp_fds_assert_success(from, &pair[1], 1,
2181                                  "{ 'execute': 'getfd',"
2182                                  "  'arguments': { 'fdname': 'fd-mig' }}");
2183     close(pair[1]);
2184 
2185     return NULL;
2186 }
2187 
2188 static void test_migrate_fd_finish_hook(QTestState *from,
2189                                         QTestState *to,
2190                                         void *opaque)
2191 {
2192     QDict *rsp;
2193     const char *error_desc;
2194 
2195     /* Test closing fds */
2196     /* We assume, that QEMU removes named fd from its list,
2197      * so this should fail */
2198     rsp = qtest_qmp(from, "{ 'execute': 'closefd',"
2199                           "  'arguments': { 'fdname': 'fd-mig' }}");
2200     g_assert_true(qdict_haskey(rsp, "error"));
2201     error_desc = qdict_get_str(qdict_get_qdict(rsp, "error"), "desc");
2202     g_assert_cmpstr(error_desc, ==, "File descriptor named 'fd-mig' not found");
2203     qobject_unref(rsp);
2204 
2205     rsp = qtest_qmp(to, "{ 'execute': 'closefd',"
2206                         "  'arguments': { 'fdname': 'fd-mig' }}");
2207     g_assert_true(qdict_haskey(rsp, "error"));
2208     error_desc = qdict_get_str(qdict_get_qdict(rsp, "error"), "desc");
2209     g_assert_cmpstr(error_desc, ==, "File descriptor named 'fd-mig' not found");
2210     qobject_unref(rsp);
2211 }
2212 
2213 static void test_migrate_fd_proto(void)
2214 {
2215     MigrateCommon args = {
2216         .listen_uri = "defer",
2217         .connect_uri = "fd:fd-mig",
2218         .start_hook = test_migrate_fd_start_hook,
2219         .finish_hook = test_migrate_fd_finish_hook
2220     };
2221     test_precopy_common(&args);
2222 }
2223 #endif /* _WIN32 */
2224 
2225 static void do_test_validate_uuid(MigrateStart *args, bool should_fail)
2226 {
2227     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
2228     QTestState *from, *to;
2229 
2230     if (test_migrate_start(&from, &to, uri, args)) {
2231         return;
2232     }
2233 
2234     /*
2235      * UUID validation is at the begin of migration. So, the main process of
2236      * migration is not interesting for us here. Thus, set huge downtime for
2237      * very fast migration.
2238      */
2239     migrate_set_parameter_int(from, "downtime-limit", 1000000);
2240     migrate_set_capability(from, "validate-uuid", true);
2241 
2242     /* Wait for the first serial output from the source */
2243     wait_for_serial("src_serial");
2244 
2245     migrate_qmp(from, uri, "{}");
2246 
2247     if (should_fail) {
2248         qtest_set_expected_status(to, EXIT_FAILURE);
2249         wait_for_migration_fail(from, true);
2250     } else {
2251         wait_for_migration_complete(from);
2252     }
2253 
2254     test_migrate_end(from, to, false);
2255 }
2256 
2257 static void test_validate_uuid(void)
2258 {
2259     MigrateStart args = {
2260         .opts_source = "-uuid 11111111-1111-1111-1111-111111111111",
2261         .opts_target = "-uuid 11111111-1111-1111-1111-111111111111",
2262     };
2263 
2264     do_test_validate_uuid(&args, false);
2265 }
2266 
2267 static void test_validate_uuid_error(void)
2268 {
2269     MigrateStart args = {
2270         .opts_source = "-uuid 11111111-1111-1111-1111-111111111111",
2271         .opts_target = "-uuid 22222222-2222-2222-2222-222222222222",
2272         .hide_stderr = true,
2273     };
2274 
2275     do_test_validate_uuid(&args, true);
2276 }
2277 
2278 static void test_validate_uuid_src_not_set(void)
2279 {
2280     MigrateStart args = {
2281         .opts_target = "-uuid 22222222-2222-2222-2222-222222222222",
2282         .hide_stderr = true,
2283     };
2284 
2285     do_test_validate_uuid(&args, false);
2286 }
2287 
2288 static void test_validate_uuid_dst_not_set(void)
2289 {
2290     MigrateStart args = {
2291         .opts_source = "-uuid 11111111-1111-1111-1111-111111111111",
2292         .hide_stderr = true,
2293     };
2294 
2295     do_test_validate_uuid(&args, false);
2296 }
2297 
2298 /*
2299  * The way auto_converge works, we need to do too many passes to
2300  * run this test.  Auto_converge logic is only run once every
2301  * three iterations, so:
2302  *
2303  * - 3 iterations without auto_converge enabled
2304  * - 3 iterations with pct = 5
2305  * - 3 iterations with pct = 30
2306  * - 3 iterations with pct = 55
2307  * - 3 iterations with pct = 80
2308  * - 3 iterations with pct = 95 (max(95, 80 + 25))
2309  *
2310  * To make things even worse, we need to run the initial stage at
2311  * 3MB/s so we enter autoconverge even when host is (over)loaded.
2312  */
2313 static void test_migrate_auto_converge(void)
2314 {
2315     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
2316     MigrateStart args = {};
2317     QTestState *from, *to;
2318     int64_t percentage;
2319 
2320     /*
2321      * We want the test to be stable and as fast as possible.
2322      * E.g., with 1Gb/s bandwidth migration may pass without throttling,
2323      * so we need to decrease a bandwidth.
2324      */
2325     const int64_t init_pct = 5, inc_pct = 25, max_pct = 95;
2326 
2327     if (test_migrate_start(&from, &to, uri, &args)) {
2328         return;
2329     }
2330 
2331     migrate_set_capability(from, "auto-converge", true);
2332     migrate_set_parameter_int(from, "cpu-throttle-initial", init_pct);
2333     migrate_set_parameter_int(from, "cpu-throttle-increment", inc_pct);
2334     migrate_set_parameter_int(from, "max-cpu-throttle", max_pct);
2335 
2336     /*
2337      * Set the initial parameters so that the migration could not converge
2338      * without throttling.
2339      */
2340     migrate_ensure_non_converge(from);
2341 
2342     /* To check remaining size after precopy */
2343     migrate_set_capability(from, "pause-before-switchover", true);
2344 
2345     /* Wait for the first serial output from the source */
2346     wait_for_serial("src_serial");
2347 
2348     migrate_qmp(from, uri, "{}");
2349 
2350     /* Wait for throttling begins */
2351     percentage = 0;
2352     do {
2353         percentage = read_migrate_property_int(from, "cpu-throttle-percentage");
2354         if (percentage != 0) {
2355             break;
2356         }
2357         usleep(20);
2358         g_assert_false(got_src_stop);
2359     } while (true);
2360     /* The first percentage of throttling should be at least init_pct */
2361     g_assert_cmpint(percentage, >=, init_pct);
2362     /* Now, when we tested that throttling works, let it converge */
2363     migrate_ensure_converge(from);
2364 
2365     /*
2366      * Wait for pre-switchover status to check last throttle percentage
2367      * and remaining. These values will be zeroed later
2368      */
2369     wait_for_migration_status(from, "pre-switchover", NULL);
2370 
2371     /* The final percentage of throttling shouldn't be greater than max_pct */
2372     percentage = read_migrate_property_int(from, "cpu-throttle-percentage");
2373     g_assert_cmpint(percentage, <=, max_pct);
2374     migrate_continue(from, "pre-switchover");
2375 
2376     qtest_qmp_eventwait(to, "RESUME");
2377 
2378     wait_for_serial("dest_serial");
2379     wait_for_migration_complete(from);
2380 
2381     test_migrate_end(from, to, true);
2382 }
2383 
2384 static void *
2385 test_migrate_precopy_tcp_multifd_start_common(QTestState *from,
2386                                               QTestState *to,
2387                                               const char *method)
2388 {
2389     migrate_set_parameter_int(from, "multifd-channels", 16);
2390     migrate_set_parameter_int(to, "multifd-channels", 16);
2391 
2392     migrate_set_parameter_str(from, "multifd-compression", method);
2393     migrate_set_parameter_str(to, "multifd-compression", method);
2394 
2395     migrate_set_capability(from, "multifd", true);
2396     migrate_set_capability(to, "multifd", true);
2397 
2398     /* Start incoming migration from the 1st socket */
2399     migrate_incoming_qmp(to, "tcp:127.0.0.1:0", "{}");
2400 
2401     return NULL;
2402 }
2403 
2404 static void *
2405 test_migrate_precopy_tcp_multifd_start(QTestState *from,
2406                                        QTestState *to)
2407 {
2408     return test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
2409 }
2410 
2411 static void *
2412 test_migrate_precopy_tcp_multifd_zlib_start(QTestState *from,
2413                                             QTestState *to)
2414 {
2415     return test_migrate_precopy_tcp_multifd_start_common(from, to, "zlib");
2416 }
2417 
2418 #ifdef CONFIG_ZSTD
2419 static void *
2420 test_migrate_precopy_tcp_multifd_zstd_start(QTestState *from,
2421                                             QTestState *to)
2422 {
2423     return test_migrate_precopy_tcp_multifd_start_common(from, to, "zstd");
2424 }
2425 #endif /* CONFIG_ZSTD */
2426 
2427 static void test_multifd_tcp_none(void)
2428 {
2429     MigrateCommon args = {
2430         .listen_uri = "defer",
2431         .start_hook = test_migrate_precopy_tcp_multifd_start,
2432         /*
2433          * Multifd is more complicated than most of the features, it
2434          * directly takes guest page buffers when sending, make sure
2435          * everything will work alright even if guest page is changing.
2436          */
2437         .live = true,
2438     };
2439     test_precopy_common(&args);
2440 }
2441 
2442 static void test_multifd_tcp_zlib(void)
2443 {
2444     MigrateCommon args = {
2445         .listen_uri = "defer",
2446         .start_hook = test_migrate_precopy_tcp_multifd_zlib_start,
2447     };
2448     test_precopy_common(&args);
2449 }
2450 
2451 #ifdef CONFIG_ZSTD
2452 static void test_multifd_tcp_zstd(void)
2453 {
2454     MigrateCommon args = {
2455         .listen_uri = "defer",
2456         .start_hook = test_migrate_precopy_tcp_multifd_zstd_start,
2457     };
2458     test_precopy_common(&args);
2459 }
2460 #endif
2461 
2462 #ifdef CONFIG_GNUTLS
2463 static void *
2464 test_migrate_multifd_tcp_tls_psk_start_match(QTestState *from,
2465                                              QTestState *to)
2466 {
2467     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
2468     return test_migrate_tls_psk_start_match(from, to);
2469 }
2470 
2471 static void *
2472 test_migrate_multifd_tcp_tls_psk_start_mismatch(QTestState *from,
2473                                                 QTestState *to)
2474 {
2475     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
2476     return test_migrate_tls_psk_start_mismatch(from, to);
2477 }
2478 
2479 #ifdef CONFIG_TASN1
2480 static void *
2481 test_migrate_multifd_tls_x509_start_default_host(QTestState *from,
2482                                                  QTestState *to)
2483 {
2484     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
2485     return test_migrate_tls_x509_start_default_host(from, to);
2486 }
2487 
2488 static void *
2489 test_migrate_multifd_tls_x509_start_override_host(QTestState *from,
2490                                                   QTestState *to)
2491 {
2492     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
2493     return test_migrate_tls_x509_start_override_host(from, to);
2494 }
2495 
2496 static void *
2497 test_migrate_multifd_tls_x509_start_mismatch_host(QTestState *from,
2498                                                   QTestState *to)
2499 {
2500     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
2501     return test_migrate_tls_x509_start_mismatch_host(from, to);
2502 }
2503 
2504 static void *
2505 test_migrate_multifd_tls_x509_start_allow_anon_client(QTestState *from,
2506                                                       QTestState *to)
2507 {
2508     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
2509     return test_migrate_tls_x509_start_allow_anon_client(from, to);
2510 }
2511 
2512 static void *
2513 test_migrate_multifd_tls_x509_start_reject_anon_client(QTestState *from,
2514                                                        QTestState *to)
2515 {
2516     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
2517     return test_migrate_tls_x509_start_reject_anon_client(from, to);
2518 }
2519 #endif /* CONFIG_TASN1 */
2520 
2521 static void test_multifd_tcp_tls_psk_match(void)
2522 {
2523     MigrateCommon args = {
2524         .listen_uri = "defer",
2525         .start_hook = test_migrate_multifd_tcp_tls_psk_start_match,
2526         .finish_hook = test_migrate_tls_psk_finish,
2527     };
2528     test_precopy_common(&args);
2529 }
2530 
2531 static void test_multifd_tcp_tls_psk_mismatch(void)
2532 {
2533     MigrateCommon args = {
2534         .start = {
2535             .hide_stderr = true,
2536         },
2537         .listen_uri = "defer",
2538         .start_hook = test_migrate_multifd_tcp_tls_psk_start_mismatch,
2539         .finish_hook = test_migrate_tls_psk_finish,
2540         .result = MIG_TEST_FAIL,
2541     };
2542     test_precopy_common(&args);
2543 }
2544 
2545 #ifdef CONFIG_TASN1
2546 static void test_multifd_tcp_tls_x509_default_host(void)
2547 {
2548     MigrateCommon args = {
2549         .listen_uri = "defer",
2550         .start_hook = test_migrate_multifd_tls_x509_start_default_host,
2551         .finish_hook = test_migrate_tls_x509_finish,
2552     };
2553     test_precopy_common(&args);
2554 }
2555 
2556 static void test_multifd_tcp_tls_x509_override_host(void)
2557 {
2558     MigrateCommon args = {
2559         .listen_uri = "defer",
2560         .start_hook = test_migrate_multifd_tls_x509_start_override_host,
2561         .finish_hook = test_migrate_tls_x509_finish,
2562     };
2563     test_precopy_common(&args);
2564 }
2565 
2566 static void test_multifd_tcp_tls_x509_mismatch_host(void)
2567 {
2568     /*
2569      * This has different behaviour to the non-multifd case.
2570      *
2571      * In non-multifd case when client aborts due to mismatched
2572      * cert host, the server has already started trying to load
2573      * migration state, and so it exits with I/O failure.
2574      *
2575      * In multifd case when client aborts due to mismatched
2576      * cert host, the server is still waiting for the other
2577      * multifd connections to arrive so hasn't started trying
2578      * to load migration state, and thus just aborts the migration
2579      * without exiting.
2580      */
2581     MigrateCommon args = {
2582         .start = {
2583             .hide_stderr = true,
2584         },
2585         .listen_uri = "defer",
2586         .start_hook = test_migrate_multifd_tls_x509_start_mismatch_host,
2587         .finish_hook = test_migrate_tls_x509_finish,
2588         .result = MIG_TEST_FAIL,
2589     };
2590     test_precopy_common(&args);
2591 }
2592 
2593 static void test_multifd_tcp_tls_x509_allow_anon_client(void)
2594 {
2595     MigrateCommon args = {
2596         .listen_uri = "defer",
2597         .start_hook = test_migrate_multifd_tls_x509_start_allow_anon_client,
2598         .finish_hook = test_migrate_tls_x509_finish,
2599     };
2600     test_precopy_common(&args);
2601 }
2602 
2603 static void test_multifd_tcp_tls_x509_reject_anon_client(void)
2604 {
2605     MigrateCommon args = {
2606         .start = {
2607             .hide_stderr = true,
2608         },
2609         .listen_uri = "defer",
2610         .start_hook = test_migrate_multifd_tls_x509_start_reject_anon_client,
2611         .finish_hook = test_migrate_tls_x509_finish,
2612         .result = MIG_TEST_FAIL,
2613     };
2614     test_precopy_common(&args);
2615 }
2616 #endif /* CONFIG_TASN1 */
2617 #endif /* CONFIG_GNUTLS */
2618 
2619 /*
2620  * This test does:
2621  *  source               target
2622  *                       migrate_incoming
2623  *     migrate
2624  *     migrate_cancel
2625  *                       launch another target
2626  *     migrate
2627  *
2628  *  And see that it works
2629  */
2630 static void test_multifd_tcp_cancel(void)
2631 {
2632     MigrateStart args = {
2633         .hide_stderr = true,
2634     };
2635     QTestState *from, *to, *to2;
2636     g_autofree char *uri = NULL;
2637 
2638     if (test_migrate_start(&from, &to, "defer", &args)) {
2639         return;
2640     }
2641 
2642     migrate_ensure_non_converge(from);
2643     migrate_prepare_for_dirty_mem(from);
2644 
2645     migrate_set_parameter_int(from, "multifd-channels", 16);
2646     migrate_set_parameter_int(to, "multifd-channels", 16);
2647 
2648     migrate_set_capability(from, "multifd", true);
2649     migrate_set_capability(to, "multifd", true);
2650 
2651     /* Start incoming migration from the 1st socket */
2652     migrate_incoming_qmp(to, "tcp:127.0.0.1:0", "{}");
2653 
2654     /* Wait for the first serial output from the source */
2655     wait_for_serial("src_serial");
2656 
2657     uri = migrate_get_socket_address(to, "socket-address");
2658 
2659     migrate_qmp(from, uri, "{}");
2660 
2661     migrate_wait_for_dirty_mem(from, to);
2662 
2663     migrate_cancel(from);
2664 
2665     /* Make sure QEMU process "to" exited */
2666     qtest_set_expected_status(to, EXIT_FAILURE);
2667     qtest_wait_qemu(to);
2668 
2669     args = (MigrateStart){
2670         .only_target = true,
2671     };
2672 
2673     if (test_migrate_start(&from, &to2, "defer", &args)) {
2674         return;
2675     }
2676 
2677     migrate_set_parameter_int(to2, "multifd-channels", 16);
2678 
2679     migrate_set_capability(to2, "multifd", true);
2680 
2681     /* Start incoming migration from the 1st socket */
2682     migrate_incoming_qmp(to2, "tcp:127.0.0.1:0", "{}");
2683 
2684     g_free(uri);
2685     uri = migrate_get_socket_address(to2, "socket-address");
2686 
2687     wait_for_migration_status(from, "cancelled", NULL);
2688 
2689     migrate_ensure_non_converge(from);
2690 
2691     migrate_qmp(from, uri, "{}");
2692 
2693     migrate_wait_for_dirty_mem(from, to2);
2694 
2695     migrate_ensure_converge(from);
2696 
2697     if (!got_src_stop) {
2698         qtest_qmp_eventwait(from, "STOP");
2699     }
2700     qtest_qmp_eventwait(to2, "RESUME");
2701 
2702     wait_for_serial("dest_serial");
2703     wait_for_migration_complete(from);
2704     test_migrate_end(from, to2, true);
2705 }
2706 
2707 static void calc_dirty_rate(QTestState *who, uint64_t calc_time)
2708 {
2709     qtest_qmp_assert_success(who,
2710                              "{ 'execute': 'calc-dirty-rate',"
2711                              "'arguments': { "
2712                              "'calc-time': %" PRIu64 ","
2713                              "'mode': 'dirty-ring' }}",
2714                              calc_time);
2715 }
2716 
2717 static QDict *query_dirty_rate(QTestState *who)
2718 {
2719     return qtest_qmp_assert_success_ref(who,
2720                                         "{ 'execute': 'query-dirty-rate' }");
2721 }
2722 
2723 static void dirtylimit_set_all(QTestState *who, uint64_t dirtyrate)
2724 {
2725     qtest_qmp_assert_success(who,
2726                              "{ 'execute': 'set-vcpu-dirty-limit',"
2727                              "'arguments': { "
2728                              "'dirty-rate': %" PRIu64 " } }",
2729                              dirtyrate);
2730 }
2731 
2732 static void cancel_vcpu_dirty_limit(QTestState *who)
2733 {
2734     qtest_qmp_assert_success(who,
2735                              "{ 'execute': 'cancel-vcpu-dirty-limit' }");
2736 }
2737 
2738 static QDict *query_vcpu_dirty_limit(QTestState *who)
2739 {
2740     QDict *rsp;
2741 
2742     rsp = qtest_qmp(who, "{ 'execute': 'query-vcpu-dirty-limit' }");
2743     g_assert(!qdict_haskey(rsp, "error"));
2744     g_assert(qdict_haskey(rsp, "return"));
2745 
2746     return rsp;
2747 }
2748 
2749 static bool calc_dirtyrate_ready(QTestState *who)
2750 {
2751     QDict *rsp_return;
2752     gchar *status;
2753 
2754     rsp_return = query_dirty_rate(who);
2755     g_assert(rsp_return);
2756 
2757     status = g_strdup(qdict_get_str(rsp_return, "status"));
2758     g_assert(status);
2759 
2760     return g_strcmp0(status, "measuring");
2761 }
2762 
2763 static void wait_for_calc_dirtyrate_complete(QTestState *who,
2764                                              int64_t time_s)
2765 {
2766     int max_try_count = 10000;
2767     usleep(time_s * 1000000);
2768 
2769     while (!calc_dirtyrate_ready(who) && max_try_count--) {
2770         usleep(1000);
2771     }
2772 
2773     /*
2774      * Set the timeout with 10 s(max_try_count * 1000us),
2775      * if dirtyrate measurement not complete, fail test.
2776      */
2777     g_assert_cmpint(max_try_count, !=, 0);
2778 }
2779 
2780 static int64_t get_dirty_rate(QTestState *who)
2781 {
2782     QDict *rsp_return;
2783     gchar *status;
2784     QList *rates;
2785     const QListEntry *entry;
2786     QDict *rate;
2787     int64_t dirtyrate;
2788 
2789     rsp_return = query_dirty_rate(who);
2790     g_assert(rsp_return);
2791 
2792     status = g_strdup(qdict_get_str(rsp_return, "status"));
2793     g_assert(status);
2794     g_assert_cmpstr(status, ==, "measured");
2795 
2796     rates = qdict_get_qlist(rsp_return, "vcpu-dirty-rate");
2797     g_assert(rates && !qlist_empty(rates));
2798 
2799     entry = qlist_first(rates);
2800     g_assert(entry);
2801 
2802     rate = qobject_to(QDict, qlist_entry_obj(entry));
2803     g_assert(rate);
2804 
2805     dirtyrate = qdict_get_try_int(rate, "dirty-rate", -1);
2806 
2807     qobject_unref(rsp_return);
2808     return dirtyrate;
2809 }
2810 
2811 static int64_t get_limit_rate(QTestState *who)
2812 {
2813     QDict *rsp_return;
2814     QList *rates;
2815     const QListEntry *entry;
2816     QDict *rate;
2817     int64_t dirtyrate;
2818 
2819     rsp_return = query_vcpu_dirty_limit(who);
2820     g_assert(rsp_return);
2821 
2822     rates = qdict_get_qlist(rsp_return, "return");
2823     g_assert(rates && !qlist_empty(rates));
2824 
2825     entry = qlist_first(rates);
2826     g_assert(entry);
2827 
2828     rate = qobject_to(QDict, qlist_entry_obj(entry));
2829     g_assert(rate);
2830 
2831     dirtyrate = qdict_get_try_int(rate, "limit-rate", -1);
2832 
2833     qobject_unref(rsp_return);
2834     return dirtyrate;
2835 }
2836 
2837 static QTestState *dirtylimit_start_vm(void)
2838 {
2839     QTestState *vm = NULL;
2840     g_autofree gchar *
2841     cmd = g_strdup_printf("-accel kvm,dirty-ring-size=4096 "
2842                           "-name dirtylimit-test,debug-threads=on "
2843                           "-m 150M -smp 1 "
2844                           "-serial file:%s/vm_serial "
2845                           "-drive file=%s,format=raw ",
2846                           tmpfs, bootpath);
2847 
2848     vm = qtest_init(cmd);
2849     return vm;
2850 }
2851 
2852 static void dirtylimit_stop_vm(QTestState *vm)
2853 {
2854     qtest_quit(vm);
2855     cleanup("vm_serial");
2856 }
2857 
2858 static void test_vcpu_dirty_limit(void)
2859 {
2860     QTestState *vm;
2861     int64_t origin_rate;
2862     int64_t quota_rate;
2863     int64_t rate ;
2864     int max_try_count = 20;
2865     int hit = 0;
2866 
2867     /* Start vm for vcpu dirtylimit test */
2868     vm = dirtylimit_start_vm();
2869 
2870     /* Wait for the first serial output from the vm*/
2871     wait_for_serial("vm_serial");
2872 
2873     /* Do dirtyrate measurement with calc time equals 1s */
2874     calc_dirty_rate(vm, 1);
2875 
2876     /* Sleep calc time and wait for calc dirtyrate complete */
2877     wait_for_calc_dirtyrate_complete(vm, 1);
2878 
2879     /* Query original dirty page rate */
2880     origin_rate = get_dirty_rate(vm);
2881 
2882     /* VM booted from bootsect should dirty memory steadily */
2883     assert(origin_rate != 0);
2884 
2885     /* Setup quota dirty page rate at half of origin */
2886     quota_rate = origin_rate / 2;
2887 
2888     /* Set dirtylimit */
2889     dirtylimit_set_all(vm, quota_rate);
2890 
2891     /*
2892      * Check if set-vcpu-dirty-limit and query-vcpu-dirty-limit
2893      * works literally
2894      */
2895     g_assert_cmpint(quota_rate, ==, get_limit_rate(vm));
2896 
2897     /* Sleep a bit to check if it take effect */
2898     usleep(2000000);
2899 
2900     /*
2901      * Check if dirtylimit take effect realistically, set the
2902      * timeout with 20 s(max_try_count * 1s), if dirtylimit
2903      * doesn't take effect, fail test.
2904      */
2905     while (--max_try_count) {
2906         calc_dirty_rate(vm, 1);
2907         wait_for_calc_dirtyrate_complete(vm, 1);
2908         rate = get_dirty_rate(vm);
2909 
2910         /*
2911          * Assume hitting if current rate is less
2912          * than quota rate (within accepting error)
2913          */
2914         if (rate < (quota_rate + DIRTYLIMIT_TOLERANCE_RANGE)) {
2915             hit = 1;
2916             break;
2917         }
2918     }
2919 
2920     g_assert_cmpint(hit, ==, 1);
2921 
2922     hit = 0;
2923     max_try_count = 20;
2924 
2925     /* Check if dirtylimit cancellation take effect */
2926     cancel_vcpu_dirty_limit(vm);
2927     while (--max_try_count) {
2928         calc_dirty_rate(vm, 1);
2929         wait_for_calc_dirtyrate_complete(vm, 1);
2930         rate = get_dirty_rate(vm);
2931 
2932         /*
2933          * Assume dirtylimit be canceled if current rate is
2934          * greater than quota rate (within accepting error)
2935          */
2936         if (rate > (quota_rate + DIRTYLIMIT_TOLERANCE_RANGE)) {
2937             hit = 1;
2938             break;
2939         }
2940     }
2941 
2942     g_assert_cmpint(hit, ==, 1);
2943     dirtylimit_stop_vm(vm);
2944 }
2945 
2946 static bool kvm_dirty_ring_supported(void)
2947 {
2948 #if defined(__linux__) && defined(HOST_X86_64)
2949     int ret, kvm_fd = open("/dev/kvm", O_RDONLY);
2950 
2951     if (kvm_fd < 0) {
2952         return false;
2953     }
2954 
2955     ret = ioctl(kvm_fd, KVM_CHECK_EXTENSION, KVM_CAP_DIRTY_LOG_RING);
2956     close(kvm_fd);
2957 
2958     /* We test with 4096 slots */
2959     if (ret < 4096) {
2960         return false;
2961     }
2962 
2963     return true;
2964 #else
2965     return false;
2966 #endif
2967 }
2968 
2969 int main(int argc, char **argv)
2970 {
2971     bool has_kvm, has_tcg;
2972     bool has_uffd;
2973     const char *arch;
2974     g_autoptr(GError) err = NULL;
2975     int ret;
2976 
2977     g_test_init(&argc, &argv, NULL);
2978 
2979     has_kvm = qtest_has_accel("kvm");
2980     has_tcg = qtest_has_accel("tcg");
2981 
2982     if (!has_tcg && !has_kvm) {
2983         g_test_skip("No KVM or TCG accelerator available");
2984         return 0;
2985     }
2986 
2987     has_uffd = ufd_version_check();
2988     arch = qtest_get_arch();
2989 
2990     /*
2991      * On ppc64, the test only works with kvm-hv, but not with kvm-pr and TCG
2992      * is touchy due to race conditions on dirty bits (especially on PPC for
2993      * some reason)
2994      */
2995     if (g_str_equal(arch, "ppc64") &&
2996         (!has_kvm || access("/sys/module/kvm_hv", F_OK))) {
2997         g_test_message("Skipping test: kvm_hv not available");
2998         return g_test_run();
2999     }
3000 
3001     /*
3002      * Similar to ppc64, s390x seems to be touchy with TCG, so disable it
3003      * there until the problems are resolved
3004      */
3005     if (g_str_equal(arch, "s390x") && !has_kvm) {
3006         g_test_message("Skipping test: s390x host with KVM is required");
3007         return g_test_run();
3008     }
3009 
3010     tmpfs = g_dir_make_tmp("migration-test-XXXXXX", &err);
3011     if (!tmpfs) {
3012         g_test_message("Can't create temporary directory in %s: %s",
3013                        g_get_tmp_dir(), err->message);
3014     }
3015     g_assert(tmpfs);
3016     bootfile_create(tmpfs);
3017 
3018     module_call_init(MODULE_INIT_QOM);
3019 
3020     if (has_uffd) {
3021         qtest_add_func("/migration/postcopy/plain", test_postcopy);
3022         qtest_add_func("/migration/postcopy/recovery/plain",
3023                        test_postcopy_recovery);
3024         qtest_add_func("/migration/postcopy/preempt/plain", test_postcopy_preempt);
3025         qtest_add_func("/migration/postcopy/preempt/recovery/plain",
3026                        test_postcopy_preempt_recovery);
3027         if (getenv("QEMU_TEST_FLAKY_TESTS")) {
3028             qtest_add_func("/migration/postcopy/compress/plain",
3029                            test_postcopy_compress);
3030             qtest_add_func("/migration/postcopy/recovery/compress/plain",
3031                            test_postcopy_recovery_compress);
3032         }
3033     }
3034 
3035     qtest_add_func("/migration/bad_dest", test_baddest);
3036 #ifndef _WIN32
3037     qtest_add_func("/migration/analyze-script", test_analyze_script);
3038 #endif
3039     qtest_add_func("/migration/precopy/unix/plain", test_precopy_unix_plain);
3040     qtest_add_func("/migration/precopy/unix/xbzrle", test_precopy_unix_xbzrle);
3041     /*
3042      * Compression fails from time to time.
3043      * Put test here but don't enable it until everything is fixed.
3044      */
3045     if (getenv("QEMU_TEST_FLAKY_TESTS")) {
3046         qtest_add_func("/migration/precopy/unix/compress/wait",
3047                        test_precopy_unix_compress);
3048         qtest_add_func("/migration/precopy/unix/compress/nowait",
3049                        test_precopy_unix_compress_nowait);
3050     }
3051 
3052     qtest_add_func("/migration/precopy/file",
3053                    test_precopy_file);
3054     qtest_add_func("/migration/precopy/file/offset",
3055                    test_precopy_file_offset);
3056     qtest_add_func("/migration/precopy/file/offset/bad",
3057                    test_precopy_file_offset_bad);
3058 
3059 #ifdef CONFIG_GNUTLS
3060     qtest_add_func("/migration/precopy/unix/tls/psk",
3061                    test_precopy_unix_tls_psk);
3062 
3063     if (has_uffd) {
3064         /*
3065          * NOTE: psk test is enough for postcopy, as other types of TLS
3066          * channels are tested under precopy.  Here what we want to test is the
3067          * general postcopy path that has TLS channel enabled.
3068          */
3069         qtest_add_func("/migration/postcopy/tls/psk", test_postcopy_tls_psk);
3070         qtest_add_func("/migration/postcopy/recovery/tls/psk",
3071                        test_postcopy_recovery_tls_psk);
3072         qtest_add_func("/migration/postcopy/preempt/tls/psk",
3073                        test_postcopy_preempt_tls_psk);
3074         qtest_add_func("/migration/postcopy/preempt/recovery/tls/psk",
3075                        test_postcopy_preempt_all);
3076     }
3077 #ifdef CONFIG_TASN1
3078     qtest_add_func("/migration/precopy/unix/tls/x509/default-host",
3079                    test_precopy_unix_tls_x509_default_host);
3080     qtest_add_func("/migration/precopy/unix/tls/x509/override-host",
3081                    test_precopy_unix_tls_x509_override_host);
3082 #endif /* CONFIG_TASN1 */
3083 #endif /* CONFIG_GNUTLS */
3084 
3085     qtest_add_func("/migration/precopy/tcp/plain", test_precopy_tcp_plain);
3086 
3087     qtest_add_func("/migration/precopy/tcp/plain/switchover-ack",
3088                    test_precopy_tcp_switchover_ack);
3089 
3090 #ifdef CONFIG_GNUTLS
3091     qtest_add_func("/migration/precopy/tcp/tls/psk/match",
3092                    test_precopy_tcp_tls_psk_match);
3093     qtest_add_func("/migration/precopy/tcp/tls/psk/mismatch",
3094                    test_precopy_tcp_tls_psk_mismatch);
3095 #ifdef CONFIG_TASN1
3096     qtest_add_func("/migration/precopy/tcp/tls/x509/default-host",
3097                    test_precopy_tcp_tls_x509_default_host);
3098     qtest_add_func("/migration/precopy/tcp/tls/x509/override-host",
3099                    test_precopy_tcp_tls_x509_override_host);
3100     qtest_add_func("/migration/precopy/tcp/tls/x509/mismatch-host",
3101                    test_precopy_tcp_tls_x509_mismatch_host);
3102     qtest_add_func("/migration/precopy/tcp/tls/x509/friendly-client",
3103                    test_precopy_tcp_tls_x509_friendly_client);
3104     qtest_add_func("/migration/precopy/tcp/tls/x509/hostile-client",
3105                    test_precopy_tcp_tls_x509_hostile_client);
3106     qtest_add_func("/migration/precopy/tcp/tls/x509/allow-anon-client",
3107                    test_precopy_tcp_tls_x509_allow_anon_client);
3108     qtest_add_func("/migration/precopy/tcp/tls/x509/reject-anon-client",
3109                    test_precopy_tcp_tls_x509_reject_anon_client);
3110 #endif /* CONFIG_TASN1 */
3111 #endif /* CONFIG_GNUTLS */
3112 
3113     /* qtest_add_func("/migration/ignore_shared", test_ignore_shared); */
3114 #ifndef _WIN32
3115     qtest_add_func("/migration/fd_proto", test_migrate_fd_proto);
3116 #endif
3117     qtest_add_func("/migration/validate_uuid", test_validate_uuid);
3118     qtest_add_func("/migration/validate_uuid_error", test_validate_uuid_error);
3119     qtest_add_func("/migration/validate_uuid_src_not_set",
3120                    test_validate_uuid_src_not_set);
3121     qtest_add_func("/migration/validate_uuid_dst_not_set",
3122                    test_validate_uuid_dst_not_set);
3123     /*
3124      * See explanation why this test is slow on function definition
3125      */
3126     if (g_test_slow()) {
3127         qtest_add_func("/migration/auto_converge", test_migrate_auto_converge);
3128     }
3129     qtest_add_func("/migration/multifd/tcp/plain/none",
3130                    test_multifd_tcp_none);
3131     /*
3132      * This test is flaky and sometimes fails in CI and otherwise:
3133      * don't run unless user opts in via environment variable.
3134      */
3135     if (getenv("QEMU_TEST_FLAKY_TESTS")) {
3136         qtest_add_func("/migration/multifd/tcp/plain/cancel",
3137                        test_multifd_tcp_cancel);
3138     }
3139     qtest_add_func("/migration/multifd/tcp/plain/zlib",
3140                    test_multifd_tcp_zlib);
3141 #ifdef CONFIG_ZSTD
3142     qtest_add_func("/migration/multifd/tcp/plain/zstd",
3143                    test_multifd_tcp_zstd);
3144 #endif
3145 #ifdef CONFIG_GNUTLS
3146     qtest_add_func("/migration/multifd/tcp/tls/psk/match",
3147                    test_multifd_tcp_tls_psk_match);
3148     qtest_add_func("/migration/multifd/tcp/tls/psk/mismatch",
3149                    test_multifd_tcp_tls_psk_mismatch);
3150 #ifdef CONFIG_TASN1
3151     qtest_add_func("/migration/multifd/tcp/tls/x509/default-host",
3152                    test_multifd_tcp_tls_x509_default_host);
3153     qtest_add_func("/migration/multifd/tcp/tls/x509/override-host",
3154                    test_multifd_tcp_tls_x509_override_host);
3155     qtest_add_func("/migration/multifd/tcp/tls/x509/mismatch-host",
3156                    test_multifd_tcp_tls_x509_mismatch_host);
3157     qtest_add_func("/migration/multifd/tcp/tls/x509/allow-anon-client",
3158                    test_multifd_tcp_tls_x509_allow_anon_client);
3159     qtest_add_func("/migration/multifd/tcp/tls/x509/reject-anon-client",
3160                    test_multifd_tcp_tls_x509_reject_anon_client);
3161 #endif /* CONFIG_TASN1 */
3162 #endif /* CONFIG_GNUTLS */
3163 
3164     if (g_str_equal(arch, "x86_64") && has_kvm && kvm_dirty_ring_supported()) {
3165         qtest_add_func("/migration/dirty_ring",
3166                        test_precopy_unix_dirty_ring);
3167         qtest_add_func("/migration/vcpu_dirty_limit",
3168                        test_vcpu_dirty_limit);
3169     }
3170 
3171     ret = g_test_run();
3172 
3173     g_assert_cmpint(ret, ==, 0);
3174 
3175     bootfile_delete();
3176     ret = rmdir(tmpfs);
3177     if (ret != 0) {
3178         g_test_message("unable to rmdir: path (%s): %s",
3179                        tmpfs, strerror(errno));
3180     }
3181     g_free(tmpfs);
3182 
3183     return ret;
3184 }
3185