xref: /openbmc/qemu/tests/qtest/migration-test.c (revision be3fc97a)
1 /*
2  * QTest testcase for migration
3  *
4  * Copyright (c) 2016-2018 Red Hat, Inc. and/or its affiliates
5  *   based on the vhost-user-test.c that is:
6  *      Copyright (c) 2014 Virtual Open Systems Sarl.
7  *
8  * This work is licensed under the terms of the GNU GPL, version 2 or later.
9  * See the COPYING file in the top-level directory.
10  *
11  */
12 
13 #include "qemu/osdep.h"
14 
15 #include "libqtest.h"
16 #include "qapi/qmp/qdict.h"
17 #include "qemu/module.h"
18 #include "qemu/option.h"
19 #include "qemu/range.h"
20 #include "qemu/sockets.h"
21 #include "chardev/char.h"
22 #include "crypto/tlscredspsk.h"
23 #include "qapi/qmp/qlist.h"
24 #include "ppc-util.h"
25 
26 #include "migration-helpers.h"
27 #include "tests/migration/migration-test.h"
28 #ifdef CONFIG_GNUTLS
29 # include "tests/unit/crypto-tls-psk-helpers.h"
30 # ifdef CONFIG_TASN1
31 #  include "tests/unit/crypto-tls-x509-helpers.h"
32 # endif /* CONFIG_TASN1 */
33 #endif /* CONFIG_GNUTLS */
34 
35 /* For dirty ring test; so far only x86_64 is supported */
36 #if defined(__linux__) && defined(HOST_X86_64)
37 #include "linux/kvm.h"
38 #endif
39 
40 unsigned start_address;
41 unsigned end_address;
42 static bool uffd_feature_thread_id;
43 static QTestMigrationState src_state;
44 static QTestMigrationState dst_state;
45 
46 /*
47  * An initial 3 MB offset is used as that corresponds
48  * to ~1 sec of data transfer with our bandwidth setting.
49  */
50 #define MAGIC_OFFSET_BASE (3 * 1024 * 1024)
51 /*
52  * A further 1k is added to ensure we're not a multiple
53  * of TEST_MEM_PAGE_SIZE, thus avoid clash with writes
54  * from the migration guest workload.
55  */
56 #define MAGIC_OFFSET_SHUFFLE 1024
57 #define MAGIC_OFFSET (MAGIC_OFFSET_BASE + MAGIC_OFFSET_SHUFFLE)
58 #define MAGIC_MARKER 0xFEED12345678CAFEULL
59 
60 /*
61  * Dirtylimit stop working if dirty page rate error
62  * value less than DIRTYLIMIT_TOLERANCE_RANGE
63  */
64 #define DIRTYLIMIT_TOLERANCE_RANGE  25  /* MB/s */
65 
66 #define ANALYZE_SCRIPT "scripts/analyze-migration.py"
67 
68 #define QEMU_VM_FILE_MAGIC 0x5145564d
69 #define FILE_TEST_FILENAME "migfile"
70 #define FILE_TEST_OFFSET 0x1000
71 #define FILE_TEST_MARKER 'X'
72 #define QEMU_ENV_SRC "QTEST_QEMU_BINARY_SRC"
73 #define QEMU_ENV_DST "QTEST_QEMU_BINARY_DST"
74 
75 typedef enum PostcopyRecoveryFailStage {
76     /*
77      * "no failure" must be 0 as it's the default.  OTOH, real failure
78      * cases must be >0 to make sure they trigger by a "if" test.
79      */
80     POSTCOPY_FAIL_NONE = 0,
81     POSTCOPY_FAIL_CHANNEL_ESTABLISH,
82     POSTCOPY_FAIL_RECOVERY,
83     POSTCOPY_FAIL_MAX
84 } PostcopyRecoveryFailStage;
85 
86 #if defined(__linux__)
87 #include <sys/syscall.h>
88 #include <sys/vfs.h>
89 #endif
90 
91 #if defined(__linux__) && defined(__NR_userfaultfd) && defined(CONFIG_EVENTFD)
92 #include <sys/eventfd.h>
93 #include <sys/ioctl.h>
94 #include "qemu/userfaultfd.h"
95 
96 static bool ufd_version_check(void)
97 {
98     struct uffdio_api api_struct;
99     uint64_t ioctl_mask;
100 
101     int ufd = uffd_open(O_CLOEXEC);
102 
103     if (ufd == -1) {
104         g_test_message("Skipping test: userfaultfd not available");
105         return false;
106     }
107 
108     api_struct.api = UFFD_API;
109     api_struct.features = 0;
110     if (ioctl(ufd, UFFDIO_API, &api_struct)) {
111         g_test_message("Skipping test: UFFDIO_API failed");
112         return false;
113     }
114     uffd_feature_thread_id = api_struct.features & UFFD_FEATURE_THREAD_ID;
115 
116     ioctl_mask = 1ULL << _UFFDIO_REGISTER |
117                  1ULL << _UFFDIO_UNREGISTER;
118     if ((api_struct.ioctls & ioctl_mask) != ioctl_mask) {
119         g_test_message("Skipping test: Missing userfault feature");
120         return false;
121     }
122 
123     return true;
124 }
125 
126 #else
127 static bool ufd_version_check(void)
128 {
129     g_test_message("Skipping test: Userfault not available (builtdtime)");
130     return false;
131 }
132 
133 #endif
134 
135 static char *tmpfs;
136 static char *bootpath;
137 
138 /* The boot file modifies memory area in [start_address, end_address)
139  * repeatedly. It outputs a 'B' at a fixed rate while it's still running.
140  */
141 #include "tests/migration/i386/a-b-bootblock.h"
142 #include "tests/migration/aarch64/a-b-kernel.h"
143 #include "tests/migration/ppc64/a-b-kernel.h"
144 #include "tests/migration/s390x/a-b-bios.h"
145 
146 static void bootfile_delete(void)
147 {
148     if (!bootpath) {
149         return;
150     }
151     unlink(bootpath);
152     g_free(bootpath);
153     bootpath = NULL;
154 }
155 
156 static void bootfile_create(char *dir, bool suspend_me)
157 {
158     const char *arch = qtest_get_arch();
159     unsigned char *content;
160     size_t len;
161 
162     bootfile_delete();
163     bootpath = g_strdup_printf("%s/bootsect", dir);
164     if (strcmp(arch, "i386") == 0 || strcmp(arch, "x86_64") == 0) {
165         /* the assembled x86 boot sector should be exactly one sector large */
166         g_assert(sizeof(x86_bootsect) == 512);
167         x86_bootsect[SYM_suspend_me - SYM_start] = suspend_me;
168         content = x86_bootsect;
169         len = sizeof(x86_bootsect);
170     } else if (g_str_equal(arch, "s390x")) {
171         content = s390x_elf;
172         len = sizeof(s390x_elf);
173     } else if (strcmp(arch, "ppc64") == 0) {
174         content = ppc64_kernel;
175         len = sizeof(ppc64_kernel);
176     } else if (strcmp(arch, "aarch64") == 0) {
177         content = aarch64_kernel;
178         len = sizeof(aarch64_kernel);
179         g_assert(sizeof(aarch64_kernel) <= ARM_TEST_MAX_KERNEL_SIZE);
180     } else {
181         g_assert_not_reached();
182     }
183 
184     FILE *bootfile = fopen(bootpath, "wb");
185 
186     g_assert_cmpint(fwrite(content, len, 1, bootfile), ==, 1);
187     fclose(bootfile);
188 }
189 
190 /*
191  * Wait for some output in the serial output file,
192  * we get an 'A' followed by an endless string of 'B's
193  * but on the destination we won't have the A (unless we enabled suspend/resume)
194  */
195 static void wait_for_serial(const char *side)
196 {
197     g_autofree char *serialpath = g_strdup_printf("%s/%s", tmpfs, side);
198     FILE *serialfile = fopen(serialpath, "r");
199 
200     do {
201         int readvalue = fgetc(serialfile);
202 
203         switch (readvalue) {
204         case 'A':
205             /* Fine */
206             break;
207 
208         case 'B':
209             /* It's alive! */
210             fclose(serialfile);
211             return;
212 
213         case EOF:
214             fseek(serialfile, 0, SEEK_SET);
215             usleep(1000);
216             break;
217 
218         default:
219             fprintf(stderr, "Unexpected %d on %s serial\n", readvalue, side);
220             g_assert_not_reached();
221         }
222     } while (true);
223 }
224 
225 static void wait_for_stop(QTestState *who, QTestMigrationState *state)
226 {
227     if (!state->stop_seen) {
228         qtest_qmp_eventwait(who, "STOP");
229     }
230 }
231 
232 static void wait_for_resume(QTestState *who, QTestMigrationState *state)
233 {
234     if (!state->resume_seen) {
235         qtest_qmp_eventwait(who, "RESUME");
236     }
237 }
238 
239 static void wait_for_suspend(QTestState *who, QTestMigrationState *state)
240 {
241     if (state->suspend_me && !state->suspend_seen) {
242         qtest_qmp_eventwait(who, "SUSPEND");
243     }
244 }
245 
246 /*
247  * It's tricky to use qemu's migration event capability with qtest,
248  * events suddenly appearing confuse the qmp()/hmp() responses.
249  */
250 
251 static int64_t read_ram_property_int(QTestState *who, const char *property)
252 {
253     QDict *rsp_return, *rsp_ram;
254     int64_t result;
255 
256     rsp_return = migrate_query_not_failed(who);
257     if (!qdict_haskey(rsp_return, "ram")) {
258         /* Still in setup */
259         result = 0;
260     } else {
261         rsp_ram = qdict_get_qdict(rsp_return, "ram");
262         result = qdict_get_try_int(rsp_ram, property, 0);
263     }
264     qobject_unref(rsp_return);
265     return result;
266 }
267 
268 static int64_t read_migrate_property_int(QTestState *who, const char *property)
269 {
270     QDict *rsp_return;
271     int64_t result;
272 
273     rsp_return = migrate_query_not_failed(who);
274     result = qdict_get_try_int(rsp_return, property, 0);
275     qobject_unref(rsp_return);
276     return result;
277 }
278 
279 static uint64_t get_migration_pass(QTestState *who)
280 {
281     return read_ram_property_int(who, "dirty-sync-count");
282 }
283 
284 static void read_blocktime(QTestState *who)
285 {
286     QDict *rsp_return;
287 
288     rsp_return = migrate_query_not_failed(who);
289     g_assert(qdict_haskey(rsp_return, "postcopy-blocktime"));
290     qobject_unref(rsp_return);
291 }
292 
293 /*
294  * Wait for two changes in the migration pass count, but bail if we stop.
295  */
296 static void wait_for_migration_pass(QTestState *who)
297 {
298     uint64_t pass, prev_pass = 0, changes = 0;
299 
300     while (changes < 2 && !src_state.stop_seen && !src_state.suspend_seen) {
301         usleep(1000);
302         pass = get_migration_pass(who);
303         changes += (pass != prev_pass);
304         prev_pass = pass;
305     }
306 }
307 
308 static void check_guests_ram(QTestState *who)
309 {
310     /* Our ASM test will have been incrementing one byte from each page from
311      * start_address to < end_address in order. This gives us a constraint
312      * that any page's byte should be equal or less than the previous pages
313      * byte (mod 256); and they should all be equal except for one transition
314      * at the point where we meet the incrementer. (We're running this with
315      * the guest stopped).
316      */
317     unsigned address;
318     uint8_t first_byte;
319     uint8_t last_byte;
320     bool hit_edge = false;
321     int bad = 0;
322 
323     qtest_memread(who, start_address, &first_byte, 1);
324     last_byte = first_byte;
325 
326     for (address = start_address + TEST_MEM_PAGE_SIZE; address < end_address;
327          address += TEST_MEM_PAGE_SIZE)
328     {
329         uint8_t b;
330         qtest_memread(who, address, &b, 1);
331         if (b != last_byte) {
332             if (((b + 1) % 256) == last_byte && !hit_edge) {
333                 /* This is OK, the guest stopped at the point of
334                  * incrementing the previous page but didn't get
335                  * to us yet.
336                  */
337                 hit_edge = true;
338                 last_byte = b;
339             } else {
340                 bad++;
341                 if (bad <= 10) {
342                     fprintf(stderr, "Memory content inconsistency at %x"
343                             " first_byte = %x last_byte = %x current = %x"
344                             " hit_edge = %x\n",
345                             address, first_byte, last_byte, b, hit_edge);
346                 }
347             }
348         }
349     }
350     if (bad >= 10) {
351         fprintf(stderr, "and in another %d pages", bad - 10);
352     }
353     g_assert(bad == 0);
354 }
355 
356 static void cleanup(const char *filename)
357 {
358     g_autofree char *path = g_strdup_printf("%s/%s", tmpfs, filename);
359 
360     unlink(path);
361 }
362 
363 static long long migrate_get_parameter_int(QTestState *who,
364                                            const char *parameter)
365 {
366     QDict *rsp;
367     long long result;
368 
369     rsp = qtest_qmp_assert_success_ref(
370         who, "{ 'execute': 'query-migrate-parameters' }");
371     result = qdict_get_int(rsp, parameter);
372     qobject_unref(rsp);
373     return result;
374 }
375 
376 static void migrate_check_parameter_int(QTestState *who, const char *parameter,
377                                         long long value)
378 {
379     long long result;
380 
381     result = migrate_get_parameter_int(who, parameter);
382     g_assert_cmpint(result, ==, value);
383 }
384 
385 static void migrate_set_parameter_int(QTestState *who, const char *parameter,
386                                       long long value)
387 {
388     qtest_qmp_assert_success(who,
389                              "{ 'execute': 'migrate-set-parameters',"
390                              "'arguments': { %s: %lld } }",
391                              parameter, value);
392     migrate_check_parameter_int(who, parameter, value);
393 }
394 
395 static char *migrate_get_parameter_str(QTestState *who,
396                                        const char *parameter)
397 {
398     QDict *rsp;
399     char *result;
400 
401     rsp = qtest_qmp_assert_success_ref(
402         who, "{ 'execute': 'query-migrate-parameters' }");
403     result = g_strdup(qdict_get_str(rsp, parameter));
404     qobject_unref(rsp);
405     return result;
406 }
407 
408 static void migrate_check_parameter_str(QTestState *who, const char *parameter,
409                                         const char *value)
410 {
411     g_autofree char *result = migrate_get_parameter_str(who, parameter);
412     g_assert_cmpstr(result, ==, value);
413 }
414 
415 static void migrate_set_parameter_str(QTestState *who, const char *parameter,
416                                       const char *value)
417 {
418     qtest_qmp_assert_success(who,
419                              "{ 'execute': 'migrate-set-parameters',"
420                              "'arguments': { %s: %s } }",
421                              parameter, value);
422     migrate_check_parameter_str(who, parameter, value);
423 }
424 
425 static long long migrate_get_parameter_bool(QTestState *who,
426                                            const char *parameter)
427 {
428     QDict *rsp;
429     int result;
430 
431     rsp = qtest_qmp_assert_success_ref(
432         who, "{ 'execute': 'query-migrate-parameters' }");
433     result = qdict_get_bool(rsp, parameter);
434     qobject_unref(rsp);
435     return !!result;
436 }
437 
438 static void migrate_check_parameter_bool(QTestState *who, const char *parameter,
439                                         int value)
440 {
441     int result;
442 
443     result = migrate_get_parameter_bool(who, parameter);
444     g_assert_cmpint(result, ==, value);
445 }
446 
447 static void migrate_set_parameter_bool(QTestState *who, const char *parameter,
448                                       int value)
449 {
450     qtest_qmp_assert_success(who,
451                              "{ 'execute': 'migrate-set-parameters',"
452                              "'arguments': { %s: %i } }",
453                              parameter, value);
454     migrate_check_parameter_bool(who, parameter, value);
455 }
456 
457 static void migrate_ensure_non_converge(QTestState *who)
458 {
459     /* Can't converge with 1ms downtime + 3 mbs bandwidth limit */
460     migrate_set_parameter_int(who, "max-bandwidth", 3 * 1000 * 1000);
461     migrate_set_parameter_int(who, "downtime-limit", 1);
462 }
463 
464 static void migrate_ensure_converge(QTestState *who)
465 {
466     /* Should converge with 30s downtime + 1 gbs bandwidth limit */
467     migrate_set_parameter_int(who, "max-bandwidth", 1 * 1000 * 1000 * 1000);
468     migrate_set_parameter_int(who, "downtime-limit", 30 * 1000);
469 }
470 
471 /*
472  * Our goal is to ensure that we run a single full migration
473  * iteration, and also dirty memory, ensuring that at least
474  * one further iteration is required.
475  *
476  * We can't directly synchronize with the start of a migration
477  * so we have to apply some tricks monitoring memory that is
478  * transferred.
479  *
480  * Initially we set the migration bandwidth to an insanely
481  * low value, with tiny max downtime too. This basically
482  * guarantees migration will never complete.
483  *
484  * This will result in a test that is unacceptably slow though,
485  * so we can't let the entire migration pass run at this speed.
486  * Our intent is to let it run just long enough that we can
487  * prove data prior to the marker has been transferred *AND*
488  * also prove this transferred data is dirty again.
489  *
490  * Before migration starts, we write a 64-bit magic marker
491  * into a fixed location in the src VM RAM.
492  *
493  * Then watch dst memory until the marker appears. This is
494  * proof that start_address -> MAGIC_OFFSET_BASE has been
495  * transferred.
496  *
497  * Finally we go back to the source and read a byte just
498  * before the marker until we see it flip in value. This
499  * is proof that start_address -> MAGIC_OFFSET_BASE
500  * is now dirty again.
501  *
502  * IOW, we're guaranteed at least a 2nd migration pass
503  * at this point.
504  *
505  * We can now let migration run at full speed to finish
506  * the test
507  */
508 static void migrate_prepare_for_dirty_mem(QTestState *from)
509 {
510     /*
511      * The guest workflow iterates from start_address to
512      * end_address, writing 1 byte every TEST_MEM_PAGE_SIZE
513      * bytes.
514      *
515      * IOW, if we write to mem at a point which is NOT
516      * a multiple of TEST_MEM_PAGE_SIZE, our write won't
517      * conflict with the migration workflow.
518      *
519      * We put in a marker here, that we'll use to determine
520      * when the data has been transferred to the dst.
521      */
522     qtest_writeq(from, start_address + MAGIC_OFFSET, MAGIC_MARKER);
523 }
524 
525 static void migrate_wait_for_dirty_mem(QTestState *from,
526                                        QTestState *to)
527 {
528     uint64_t watch_address = start_address + MAGIC_OFFSET_BASE;
529     uint64_t marker_address = start_address + MAGIC_OFFSET;
530     uint8_t watch_byte;
531 
532     /*
533      * Wait for the MAGIC_MARKER to get transferred, as an
534      * indicator that a migration pass has made some known
535      * amount of progress.
536      */
537     do {
538         usleep(1000 * 10);
539     } while (qtest_readq(to, marker_address) != MAGIC_MARKER);
540 
541 
542     /* If suspended, src only iterates once, and watch_byte may never change */
543     if (src_state.suspend_me) {
544         return;
545     }
546 
547     /*
548      * Now ensure that already transferred bytes are
549      * dirty again from the guest workload. Note the
550      * guest byte value will wrap around and by chance
551      * match the original watch_byte. This is harmless
552      * as we'll eventually see a different value if we
553      * keep watching
554      */
555     watch_byte = qtest_readb(from, watch_address);
556     do {
557         usleep(1000 * 10);
558     } while (qtest_readb(from, watch_address) == watch_byte);
559 }
560 
561 
562 static void migrate_pause(QTestState *who)
563 {
564     qtest_qmp_assert_success(who, "{ 'execute': 'migrate-pause' }");
565 }
566 
567 static void migrate_continue(QTestState *who, const char *state)
568 {
569     qtest_qmp_assert_success(who,
570                              "{ 'execute': 'migrate-continue',"
571                              "  'arguments': { 'state': %s } }",
572                              state);
573 }
574 
575 static void migrate_recover(QTestState *who, const char *uri)
576 {
577     qtest_qmp_assert_success(who,
578                              "{ 'execute': 'migrate-recover', "
579                              "  'id': 'recover-cmd', "
580                              "  'arguments': { 'uri': %s } }",
581                              uri);
582 }
583 
584 static void migrate_cancel(QTestState *who)
585 {
586     qtest_qmp_assert_success(who, "{ 'execute': 'migrate_cancel' }");
587 }
588 
589 static void migrate_postcopy_start(QTestState *from, QTestState *to)
590 {
591     qtest_qmp_assert_success(from, "{ 'execute': 'migrate-start-postcopy' }");
592 
593     wait_for_stop(from, &src_state);
594     qtest_qmp_eventwait(to, "RESUME");
595 }
596 
597 typedef struct {
598     /*
599      * QTEST_LOG=1 may override this.  When QTEST_LOG=1, we always dump errors
600      * unconditionally, because it means the user would like to be verbose.
601      */
602     bool hide_stderr;
603     bool use_shmem;
604     /* only launch the target process */
605     bool only_target;
606     /* Use dirty ring if true; dirty logging otherwise */
607     bool use_dirty_ring;
608     const char *opts_source;
609     const char *opts_target;
610     /* suspend the src before migrating to dest. */
611     bool suspend_me;
612 } MigrateStart;
613 
614 /*
615  * A hook that runs after the src and dst QEMUs have been
616  * created, but before the migration is started. This can
617  * be used to set migration parameters and capabilities.
618  *
619  * Returns: NULL, or a pointer to opaque state to be
620  *          later passed to the TestMigrateFinishHook
621  */
622 typedef void * (*TestMigrateStartHook)(QTestState *from,
623                                        QTestState *to);
624 
625 /*
626  * A hook that runs after the migration has finished,
627  * regardless of whether it succeeded or failed, but
628  * before QEMU has terminated (unless it self-terminated
629  * due to migration error)
630  *
631  * @opaque is a pointer to state previously returned
632  * by the TestMigrateStartHook if any, or NULL.
633  */
634 typedef void (*TestMigrateFinishHook)(QTestState *from,
635                                       QTestState *to,
636                                       void *opaque);
637 
638 typedef struct {
639     /* Optional: fine tune start parameters */
640     MigrateStart start;
641 
642     /* Required: the URI for the dst QEMU to listen on */
643     const char *listen_uri;
644 
645     /*
646      * Optional: the URI for the src QEMU to connect to
647      * If NULL, then it will query the dst QEMU for its actual
648      * listening address and use that as the connect address.
649      * This allows for dynamically picking a free TCP port.
650      */
651     const char *connect_uri;
652 
653     /*
654      * Optional: JSON-formatted list of src QEMU URIs. If a port is
655      * defined as '0' in any QDict key a value of '0' will be
656      * automatically converted to the correct destination port.
657      */
658     const char *connect_channels;
659 
660     /* Optional: callback to run at start to set migration parameters */
661     TestMigrateStartHook start_hook;
662     /* Optional: callback to run at finish to cleanup */
663     TestMigrateFinishHook finish_hook;
664 
665     /*
666      * Optional: normally we expect the migration process to complete.
667      *
668      * There can be a variety of reasons and stages in which failure
669      * can happen during tests.
670      *
671      * If a failure is expected to happen at time of establishing
672      * the connection, then MIG_TEST_FAIL will indicate that the dst
673      * QEMU is expected to stay running and accept future migration
674      * connections.
675      *
676      * If a failure is expected to happen while processing the
677      * migration stream, then MIG_TEST_FAIL_DEST_QUIT_ERR will indicate
678      * that the dst QEMU is expected to quit with non-zero exit status
679      */
680     enum {
681         /* This test should succeed, the default */
682         MIG_TEST_SUCCEED = 0,
683         /* This test should fail, dest qemu should keep alive */
684         MIG_TEST_FAIL,
685         /* This test should fail, dest qemu should fail with abnormal status */
686         MIG_TEST_FAIL_DEST_QUIT_ERR,
687         /* The QMP command for this migration should fail with an error */
688         MIG_TEST_QMP_ERROR,
689     } result;
690 
691     /*
692      * Optional: set number of migration passes to wait for, if live==true.
693      * If zero, then merely wait for a few MB of dirty data
694      */
695     unsigned int iterations;
696 
697     /*
698      * Optional: whether the guest CPUs should be running during a precopy
699      * migration test.  We used to always run with live but it took much
700      * longer so we reduced live tests to only the ones that have solid
701      * reason to be tested live-only.  For each of the new test cases for
702      * precopy please provide justifications to use live explicitly (please
703      * refer to existing ones with live=true), or use live=off by default.
704      */
705     bool live;
706 
707     /* Postcopy specific fields */
708     void *postcopy_data;
709     bool postcopy_preempt;
710     PostcopyRecoveryFailStage postcopy_recovery_fail_stage;
711 } MigrateCommon;
712 
713 static int test_migrate_start(QTestState **from, QTestState **to,
714                               const char *uri, MigrateStart *args)
715 {
716     g_autofree gchar *arch_source = NULL;
717     g_autofree gchar *arch_target = NULL;
718     /* options for source and target */
719     g_autofree gchar *arch_opts = NULL;
720     g_autofree gchar *cmd_source = NULL;
721     g_autofree gchar *cmd_target = NULL;
722     const gchar *ignore_stderr;
723     g_autofree char *shmem_opts = NULL;
724     g_autofree char *shmem_path = NULL;
725     const char *kvm_opts = NULL;
726     const char *arch = qtest_get_arch();
727     const char *memory_size;
728     const char *machine_alias, *machine_opts = "";
729     g_autofree char *machine = NULL;
730 
731     if (args->use_shmem) {
732         if (!g_file_test("/dev/shm", G_FILE_TEST_IS_DIR)) {
733             g_test_skip("/dev/shm is not supported");
734             return -1;
735         }
736     }
737 
738     dst_state = (QTestMigrationState) { };
739     src_state = (QTestMigrationState) { };
740     bootfile_create(tmpfs, args->suspend_me);
741     src_state.suspend_me = args->suspend_me;
742 
743     if (strcmp(arch, "i386") == 0 || strcmp(arch, "x86_64") == 0) {
744         memory_size = "150M";
745 
746         if (g_str_equal(arch, "i386")) {
747             machine_alias = "pc";
748         } else {
749             machine_alias = "q35";
750         }
751         arch_opts = g_strdup_printf(
752             "-drive if=none,id=d0,file=%s,format=raw "
753             "-device ide-hd,drive=d0,secs=1,cyls=1,heads=1", bootpath);
754         start_address = X86_TEST_MEM_START;
755         end_address = X86_TEST_MEM_END;
756     } else if (g_str_equal(arch, "s390x")) {
757         memory_size = "128M";
758         machine_alias = "s390-ccw-virtio";
759         arch_opts = g_strdup_printf("-bios %s", bootpath);
760         start_address = S390_TEST_MEM_START;
761         end_address = S390_TEST_MEM_END;
762     } else if (strcmp(arch, "ppc64") == 0) {
763         memory_size = "256M";
764         start_address = PPC_TEST_MEM_START;
765         end_address = PPC_TEST_MEM_END;
766         machine_alias = "pseries";
767         machine_opts = "vsmt=8";
768         arch_opts = g_strdup_printf(
769             "-nodefaults -machine " PSERIES_DEFAULT_CAPABILITIES " "
770             "-bios %s", bootpath);
771     } else if (strcmp(arch, "aarch64") == 0) {
772         memory_size = "150M";
773         machine_alias = "virt";
774         machine_opts = "gic-version=3";
775         arch_opts = g_strdup_printf("-cpu max -kernel %s", bootpath);
776         start_address = ARM_TEST_MEM_START;
777         end_address = ARM_TEST_MEM_END;
778     } else {
779         g_assert_not_reached();
780     }
781 
782     if (!getenv("QTEST_LOG") && args->hide_stderr) {
783 #ifndef _WIN32
784         ignore_stderr = "2>/dev/null";
785 #else
786         /*
787          * On Windows the QEMU executable is created via CreateProcess() and
788          * IO redirection does not work, so don't bother adding IO redirection
789          * to the command line.
790          */
791         ignore_stderr = "";
792 #endif
793     } else {
794         ignore_stderr = "";
795     }
796 
797     if (args->use_shmem) {
798         shmem_path = g_strdup_printf("/dev/shm/qemu-%d", getpid());
799         shmem_opts = g_strdup_printf(
800             "-object memory-backend-file,id=mem0,size=%s"
801             ",mem-path=%s,share=on -numa node,memdev=mem0",
802             memory_size, shmem_path);
803     }
804 
805     if (args->use_dirty_ring) {
806         kvm_opts = ",dirty-ring-size=4096";
807     }
808 
809     if (!qtest_has_machine(machine_alias)) {
810         g_autofree char *msg = g_strdup_printf("machine %s not supported", machine_alias);
811         g_test_skip(msg);
812         return -1;
813     }
814 
815     machine = resolve_machine_version(machine_alias, QEMU_ENV_SRC,
816                                       QEMU_ENV_DST);
817 
818     g_test_message("Using machine type: %s", machine);
819 
820     cmd_source = g_strdup_printf("-accel kvm%s -accel tcg "
821                                  "-machine %s,%s "
822                                  "-name source,debug-threads=on "
823                                  "-m %s "
824                                  "-serial file:%s/src_serial "
825                                  "%s %s %s %s %s",
826                                  kvm_opts ? kvm_opts : "",
827                                  machine, machine_opts,
828                                  memory_size, tmpfs,
829                                  arch_opts ? arch_opts : "",
830                                  arch_source ? arch_source : "",
831                                  shmem_opts ? shmem_opts : "",
832                                  args->opts_source ? args->opts_source : "",
833                                  ignore_stderr);
834     if (!args->only_target) {
835         *from = qtest_init_with_env(QEMU_ENV_SRC, cmd_source);
836         qtest_qmp_set_event_callback(*from,
837                                      migrate_watch_for_events,
838                                      &src_state);
839     }
840 
841     cmd_target = g_strdup_printf("-accel kvm%s -accel tcg "
842                                  "-machine %s,%s "
843                                  "-name target,debug-threads=on "
844                                  "-m %s "
845                                  "-serial file:%s/dest_serial "
846                                  "-incoming %s "
847                                  "%s %s %s %s %s",
848                                  kvm_opts ? kvm_opts : "",
849                                  machine, machine_opts,
850                                  memory_size, tmpfs, uri,
851                                  arch_opts ? arch_opts : "",
852                                  arch_target ? arch_target : "",
853                                  shmem_opts ? shmem_opts : "",
854                                  args->opts_target ? args->opts_target : "",
855                                  ignore_stderr);
856     *to = qtest_init_with_env(QEMU_ENV_DST, cmd_target);
857     qtest_qmp_set_event_callback(*to,
858                                  migrate_watch_for_events,
859                                  &dst_state);
860 
861     /*
862      * Remove shmem file immediately to avoid memory leak in test failed case.
863      * It's valid because QEMU has already opened this file
864      */
865     if (args->use_shmem) {
866         unlink(shmem_path);
867     }
868 
869     /*
870      * Always enable migration events.  Libvirt always uses it, let's try
871      * to mimic as closer as that.
872      */
873     migrate_set_capability(*from, "events", true);
874     migrate_set_capability(*to, "events", true);
875 
876     return 0;
877 }
878 
879 static void test_migrate_end(QTestState *from, QTestState *to, bool test_dest)
880 {
881     unsigned char dest_byte_a, dest_byte_b, dest_byte_c, dest_byte_d;
882 
883     qtest_quit(from);
884 
885     if (test_dest) {
886         qtest_memread(to, start_address, &dest_byte_a, 1);
887 
888         /* Destination still running, wait for a byte to change */
889         do {
890             qtest_memread(to, start_address, &dest_byte_b, 1);
891             usleep(1000 * 10);
892         } while (dest_byte_a == dest_byte_b);
893 
894         qtest_qmp_assert_success(to, "{ 'execute' : 'stop'}");
895 
896         /* With it stopped, check nothing changes */
897         qtest_memread(to, start_address, &dest_byte_c, 1);
898         usleep(1000 * 200);
899         qtest_memread(to, start_address, &dest_byte_d, 1);
900         g_assert_cmpint(dest_byte_c, ==, dest_byte_d);
901 
902         check_guests_ram(to);
903     }
904 
905     qtest_quit(to);
906 
907     cleanup("migsocket");
908     cleanup("src_serial");
909     cleanup("dest_serial");
910     cleanup(FILE_TEST_FILENAME);
911 }
912 
913 #ifdef CONFIG_GNUTLS
914 struct TestMigrateTLSPSKData {
915     char *workdir;
916     char *workdiralt;
917     char *pskfile;
918     char *pskfilealt;
919 };
920 
921 static void *
922 test_migrate_tls_psk_start_common(QTestState *from,
923                                   QTestState *to,
924                                   bool mismatch)
925 {
926     struct TestMigrateTLSPSKData *data =
927         g_new0(struct TestMigrateTLSPSKData, 1);
928 
929     data->workdir = g_strdup_printf("%s/tlscredspsk0", tmpfs);
930     data->pskfile = g_strdup_printf("%s/%s", data->workdir,
931                                     QCRYPTO_TLS_CREDS_PSKFILE);
932     g_mkdir_with_parents(data->workdir, 0700);
933     test_tls_psk_init(data->pskfile);
934 
935     if (mismatch) {
936         data->workdiralt = g_strdup_printf("%s/tlscredspskalt0", tmpfs);
937         data->pskfilealt = g_strdup_printf("%s/%s", data->workdiralt,
938                                            QCRYPTO_TLS_CREDS_PSKFILE);
939         g_mkdir_with_parents(data->workdiralt, 0700);
940         test_tls_psk_init_alt(data->pskfilealt);
941     }
942 
943     qtest_qmp_assert_success(from,
944                              "{ 'execute': 'object-add',"
945                              "  'arguments': { 'qom-type': 'tls-creds-psk',"
946                              "                 'id': 'tlscredspsk0',"
947                              "                 'endpoint': 'client',"
948                              "                 'dir': %s,"
949                              "                 'username': 'qemu'} }",
950                              data->workdir);
951 
952     qtest_qmp_assert_success(to,
953                              "{ 'execute': 'object-add',"
954                              "  'arguments': { 'qom-type': 'tls-creds-psk',"
955                              "                 'id': 'tlscredspsk0',"
956                              "                 'endpoint': 'server',"
957                              "                 'dir': %s } }",
958                              mismatch ? data->workdiralt : data->workdir);
959 
960     migrate_set_parameter_str(from, "tls-creds", "tlscredspsk0");
961     migrate_set_parameter_str(to, "tls-creds", "tlscredspsk0");
962 
963     return data;
964 }
965 
966 static void *
967 test_migrate_tls_psk_start_match(QTestState *from,
968                                  QTestState *to)
969 {
970     return test_migrate_tls_psk_start_common(from, to, false);
971 }
972 
973 static void *
974 test_migrate_tls_psk_start_mismatch(QTestState *from,
975                                     QTestState *to)
976 {
977     return test_migrate_tls_psk_start_common(from, to, true);
978 }
979 
980 static void
981 test_migrate_tls_psk_finish(QTestState *from,
982                             QTestState *to,
983                             void *opaque)
984 {
985     struct TestMigrateTLSPSKData *data = opaque;
986 
987     test_tls_psk_cleanup(data->pskfile);
988     if (data->pskfilealt) {
989         test_tls_psk_cleanup(data->pskfilealt);
990     }
991     rmdir(data->workdir);
992     if (data->workdiralt) {
993         rmdir(data->workdiralt);
994     }
995 
996     g_free(data->workdiralt);
997     g_free(data->pskfilealt);
998     g_free(data->workdir);
999     g_free(data->pskfile);
1000     g_free(data);
1001 }
1002 
1003 #ifdef CONFIG_TASN1
1004 typedef struct {
1005     char *workdir;
1006     char *keyfile;
1007     char *cacert;
1008     char *servercert;
1009     char *serverkey;
1010     char *clientcert;
1011     char *clientkey;
1012 } TestMigrateTLSX509Data;
1013 
1014 typedef struct {
1015     bool verifyclient;
1016     bool clientcert;
1017     bool hostileclient;
1018     bool authzclient;
1019     const char *certhostname;
1020     const char *certipaddr;
1021 } TestMigrateTLSX509;
1022 
1023 static void *
1024 test_migrate_tls_x509_start_common(QTestState *from,
1025                                    QTestState *to,
1026                                    TestMigrateTLSX509 *args)
1027 {
1028     TestMigrateTLSX509Data *data = g_new0(TestMigrateTLSX509Data, 1);
1029 
1030     data->workdir = g_strdup_printf("%s/tlscredsx5090", tmpfs);
1031     data->keyfile = g_strdup_printf("%s/key.pem", data->workdir);
1032 
1033     data->cacert = g_strdup_printf("%s/ca-cert.pem", data->workdir);
1034     data->serverkey = g_strdup_printf("%s/server-key.pem", data->workdir);
1035     data->servercert = g_strdup_printf("%s/server-cert.pem", data->workdir);
1036     if (args->clientcert) {
1037         data->clientkey = g_strdup_printf("%s/client-key.pem", data->workdir);
1038         data->clientcert = g_strdup_printf("%s/client-cert.pem", data->workdir);
1039     }
1040 
1041     g_mkdir_with_parents(data->workdir, 0700);
1042 
1043     test_tls_init(data->keyfile);
1044 #ifndef _WIN32
1045     g_assert(link(data->keyfile, data->serverkey) == 0);
1046 #else
1047     g_assert(CreateHardLink(data->serverkey, data->keyfile, NULL) != 0);
1048 #endif
1049     if (args->clientcert) {
1050 #ifndef _WIN32
1051         g_assert(link(data->keyfile, data->clientkey) == 0);
1052 #else
1053         g_assert(CreateHardLink(data->clientkey, data->keyfile, NULL) != 0);
1054 #endif
1055     }
1056 
1057     TLS_ROOT_REQ_SIMPLE(cacertreq, data->cacert);
1058     if (args->clientcert) {
1059         TLS_CERT_REQ_SIMPLE_CLIENT(servercertreq, cacertreq,
1060                                    args->hostileclient ?
1061                                    QCRYPTO_TLS_TEST_CLIENT_HOSTILE_NAME :
1062                                    QCRYPTO_TLS_TEST_CLIENT_NAME,
1063                                    data->clientcert);
1064         test_tls_deinit_cert(&servercertreq);
1065     }
1066 
1067     TLS_CERT_REQ_SIMPLE_SERVER(clientcertreq, cacertreq,
1068                                data->servercert,
1069                                args->certhostname,
1070                                args->certipaddr);
1071     test_tls_deinit_cert(&clientcertreq);
1072     test_tls_deinit_cert(&cacertreq);
1073 
1074     qtest_qmp_assert_success(from,
1075                              "{ 'execute': 'object-add',"
1076                              "  'arguments': { 'qom-type': 'tls-creds-x509',"
1077                              "                 'id': 'tlscredsx509client0',"
1078                              "                 'endpoint': 'client',"
1079                              "                 'dir': %s,"
1080                              "                 'sanity-check': true,"
1081                              "                 'verify-peer': true} }",
1082                              data->workdir);
1083     migrate_set_parameter_str(from, "tls-creds", "tlscredsx509client0");
1084     if (args->certhostname) {
1085         migrate_set_parameter_str(from, "tls-hostname", args->certhostname);
1086     }
1087 
1088     qtest_qmp_assert_success(to,
1089                              "{ 'execute': 'object-add',"
1090                              "  'arguments': { 'qom-type': 'tls-creds-x509',"
1091                              "                 'id': 'tlscredsx509server0',"
1092                              "                 'endpoint': 'server',"
1093                              "                 'dir': %s,"
1094                              "                 'sanity-check': true,"
1095                              "                 'verify-peer': %i} }",
1096                              data->workdir, args->verifyclient);
1097     migrate_set_parameter_str(to, "tls-creds", "tlscredsx509server0");
1098 
1099     if (args->authzclient) {
1100         qtest_qmp_assert_success(to,
1101                                  "{ 'execute': 'object-add',"
1102                                  "  'arguments': { 'qom-type': 'authz-simple',"
1103                                  "                 'id': 'tlsauthz0',"
1104                                  "                 'identity': %s} }",
1105                                  "CN=" QCRYPTO_TLS_TEST_CLIENT_NAME);
1106         migrate_set_parameter_str(to, "tls-authz", "tlsauthz0");
1107     }
1108 
1109     return data;
1110 }
1111 
1112 /*
1113  * The normal case: match server's cert hostname against
1114  * whatever host we were telling QEMU to connect to (if any)
1115  */
1116 static void *
1117 test_migrate_tls_x509_start_default_host(QTestState *from,
1118                                          QTestState *to)
1119 {
1120     TestMigrateTLSX509 args = {
1121         .verifyclient = true,
1122         .clientcert = true,
1123         .certipaddr = "127.0.0.1"
1124     };
1125     return test_migrate_tls_x509_start_common(from, to, &args);
1126 }
1127 
1128 /*
1129  * The unusual case: the server's cert is different from
1130  * the address we're telling QEMU to connect to (if any),
1131  * so we must give QEMU an explicit hostname to validate
1132  */
1133 static void *
1134 test_migrate_tls_x509_start_override_host(QTestState *from,
1135                                           QTestState *to)
1136 {
1137     TestMigrateTLSX509 args = {
1138         .verifyclient = true,
1139         .clientcert = true,
1140         .certhostname = "qemu.org",
1141     };
1142     return test_migrate_tls_x509_start_common(from, to, &args);
1143 }
1144 
1145 /*
1146  * The unusual case: the server's cert is different from
1147  * the address we're telling QEMU to connect to, and so we
1148  * expect the client to reject the server
1149  */
1150 static void *
1151 test_migrate_tls_x509_start_mismatch_host(QTestState *from,
1152                                           QTestState *to)
1153 {
1154     TestMigrateTLSX509 args = {
1155         .verifyclient = true,
1156         .clientcert = true,
1157         .certipaddr = "10.0.0.1",
1158     };
1159     return test_migrate_tls_x509_start_common(from, to, &args);
1160 }
1161 
1162 static void *
1163 test_migrate_tls_x509_start_friendly_client(QTestState *from,
1164                                             QTestState *to)
1165 {
1166     TestMigrateTLSX509 args = {
1167         .verifyclient = true,
1168         .clientcert = true,
1169         .authzclient = true,
1170         .certipaddr = "127.0.0.1",
1171     };
1172     return test_migrate_tls_x509_start_common(from, to, &args);
1173 }
1174 
1175 static void *
1176 test_migrate_tls_x509_start_hostile_client(QTestState *from,
1177                                            QTestState *to)
1178 {
1179     TestMigrateTLSX509 args = {
1180         .verifyclient = true,
1181         .clientcert = true,
1182         .hostileclient = true,
1183         .authzclient = true,
1184         .certipaddr = "127.0.0.1",
1185     };
1186     return test_migrate_tls_x509_start_common(from, to, &args);
1187 }
1188 
1189 /*
1190  * The case with no client certificate presented,
1191  * and no server verification
1192  */
1193 static void *
1194 test_migrate_tls_x509_start_allow_anon_client(QTestState *from,
1195                                               QTestState *to)
1196 {
1197     TestMigrateTLSX509 args = {
1198         .certipaddr = "127.0.0.1",
1199     };
1200     return test_migrate_tls_x509_start_common(from, to, &args);
1201 }
1202 
1203 /*
1204  * The case with no client certificate presented,
1205  * and server verification rejecting
1206  */
1207 static void *
1208 test_migrate_tls_x509_start_reject_anon_client(QTestState *from,
1209                                                QTestState *to)
1210 {
1211     TestMigrateTLSX509 args = {
1212         .verifyclient = true,
1213         .certipaddr = "127.0.0.1",
1214     };
1215     return test_migrate_tls_x509_start_common(from, to, &args);
1216 }
1217 
1218 static void
1219 test_migrate_tls_x509_finish(QTestState *from,
1220                              QTestState *to,
1221                              void *opaque)
1222 {
1223     TestMigrateTLSX509Data *data = opaque;
1224 
1225     test_tls_cleanup(data->keyfile);
1226     g_free(data->keyfile);
1227 
1228     unlink(data->cacert);
1229     g_free(data->cacert);
1230     unlink(data->servercert);
1231     g_free(data->servercert);
1232     unlink(data->serverkey);
1233     g_free(data->serverkey);
1234 
1235     if (data->clientcert) {
1236         unlink(data->clientcert);
1237         g_free(data->clientcert);
1238     }
1239     if (data->clientkey) {
1240         unlink(data->clientkey);
1241         g_free(data->clientkey);
1242     }
1243 
1244     rmdir(data->workdir);
1245     g_free(data->workdir);
1246 
1247     g_free(data);
1248 }
1249 #endif /* CONFIG_TASN1 */
1250 #endif /* CONFIG_GNUTLS */
1251 
1252 static int migrate_postcopy_prepare(QTestState **from_ptr,
1253                                     QTestState **to_ptr,
1254                                     MigrateCommon *args)
1255 {
1256     QTestState *from, *to;
1257 
1258     if (test_migrate_start(&from, &to, "defer", &args->start)) {
1259         return -1;
1260     }
1261 
1262     if (args->start_hook) {
1263         args->postcopy_data = args->start_hook(from, to);
1264     }
1265 
1266     migrate_set_capability(from, "postcopy-ram", true);
1267     migrate_set_capability(to, "postcopy-ram", true);
1268     migrate_set_capability(to, "postcopy-blocktime", true);
1269 
1270     if (args->postcopy_preempt) {
1271         migrate_set_capability(from, "postcopy-preempt", true);
1272         migrate_set_capability(to, "postcopy-preempt", true);
1273     }
1274 
1275     migrate_ensure_non_converge(from);
1276 
1277     migrate_prepare_for_dirty_mem(from);
1278     qtest_qmp_assert_success(to, "{ 'execute': 'migrate-incoming',"
1279                              "  'arguments': { "
1280                              "      'channels': [ { 'channel-type': 'main',"
1281                              "      'addr': { 'transport': 'socket',"
1282                              "                'type': 'inet',"
1283                              "                'host': '127.0.0.1',"
1284                              "                'port': '0' } } ] } }");
1285 
1286     /* Wait for the first serial output from the source */
1287     wait_for_serial("src_serial");
1288     wait_for_suspend(from, &src_state);
1289 
1290     migrate_qmp(from, to, NULL, NULL, "{}");
1291 
1292     migrate_wait_for_dirty_mem(from, to);
1293 
1294     *from_ptr = from;
1295     *to_ptr = to;
1296 
1297     return 0;
1298 }
1299 
1300 static void migrate_postcopy_complete(QTestState *from, QTestState *to,
1301                                       MigrateCommon *args)
1302 {
1303     wait_for_migration_complete(from);
1304 
1305     if (args->start.suspend_me) {
1306         /* wakeup succeeds only if guest is suspended */
1307         qtest_qmp_assert_success(to, "{'execute': 'system_wakeup'}");
1308     }
1309 
1310     /* Make sure we get at least one "B" on destination */
1311     wait_for_serial("dest_serial");
1312 
1313     if (uffd_feature_thread_id) {
1314         read_blocktime(to);
1315     }
1316 
1317     if (args->finish_hook) {
1318         args->finish_hook(from, to, args->postcopy_data);
1319         args->postcopy_data = NULL;
1320     }
1321 
1322     test_migrate_end(from, to, true);
1323 }
1324 
1325 static void test_postcopy_common(MigrateCommon *args)
1326 {
1327     QTestState *from, *to;
1328 
1329     if (migrate_postcopy_prepare(&from, &to, args)) {
1330         return;
1331     }
1332     migrate_postcopy_start(from, to);
1333     migrate_postcopy_complete(from, to, args);
1334 }
1335 
1336 static void test_postcopy(void)
1337 {
1338     MigrateCommon args = { };
1339 
1340     test_postcopy_common(&args);
1341 }
1342 
1343 static void test_postcopy_suspend(void)
1344 {
1345     MigrateCommon args = {
1346         .start.suspend_me = true,
1347     };
1348 
1349     test_postcopy_common(&args);
1350 }
1351 
1352 static void test_postcopy_preempt(void)
1353 {
1354     MigrateCommon args = {
1355         .postcopy_preempt = true,
1356     };
1357 
1358     test_postcopy_common(&args);
1359 }
1360 
1361 #ifdef CONFIG_GNUTLS
1362 static void test_postcopy_tls_psk(void)
1363 {
1364     MigrateCommon args = {
1365         .start_hook = test_migrate_tls_psk_start_match,
1366         .finish_hook = test_migrate_tls_psk_finish,
1367     };
1368 
1369     test_postcopy_common(&args);
1370 }
1371 
1372 static void test_postcopy_preempt_tls_psk(void)
1373 {
1374     MigrateCommon args = {
1375         .postcopy_preempt = true,
1376         .start_hook = test_migrate_tls_psk_start_match,
1377         .finish_hook = test_migrate_tls_psk_finish,
1378     };
1379 
1380     test_postcopy_common(&args);
1381 }
1382 #endif
1383 
1384 static void wait_for_postcopy_status(QTestState *one, const char *status)
1385 {
1386     wait_for_migration_status(one, status,
1387                               (const char * []) { "failed", "active",
1388                                                   "completed", NULL });
1389 }
1390 
1391 static void postcopy_recover_fail(QTestState *from, QTestState *to,
1392                                   PostcopyRecoveryFailStage stage)
1393 {
1394 #ifndef _WIN32
1395     bool fail_early = (stage == POSTCOPY_FAIL_CHANNEL_ESTABLISH);
1396     int ret, pair1[2], pair2[2];
1397     char c;
1398 
1399     g_assert(stage > POSTCOPY_FAIL_NONE && stage < POSTCOPY_FAIL_MAX);
1400 
1401     /* Create two unrelated socketpairs */
1402     ret = qemu_socketpair(PF_LOCAL, SOCK_STREAM, 0, pair1);
1403     g_assert_cmpint(ret, ==, 0);
1404 
1405     ret = qemu_socketpair(PF_LOCAL, SOCK_STREAM, 0, pair2);
1406     g_assert_cmpint(ret, ==, 0);
1407 
1408     /*
1409      * Give the guests unpaired ends of the sockets, so they'll all blocked
1410      * at reading.  This mimics a wrong channel established.
1411      */
1412     qtest_qmp_fds_assert_success(from, &pair1[0], 1,
1413                                  "{ 'execute': 'getfd',"
1414                                  "  'arguments': { 'fdname': 'fd-mig' }}");
1415     qtest_qmp_fds_assert_success(to, &pair2[0], 1,
1416                                  "{ 'execute': 'getfd',"
1417                                  "  'arguments': { 'fdname': 'fd-mig' }}");
1418 
1419     /*
1420      * Write the 1st byte as QEMU_VM_COMMAND (0x8) for the dest socket, to
1421      * emulate the 1st byte of a real recovery, but stops from there to
1422      * keep dest QEMU in RECOVER.  This is needed so that we can kick off
1423      * the recover process on dest QEMU (by triggering the G_IO_IN event).
1424      *
1425      * NOTE: this trick is not needed on src QEMUs, because src doesn't
1426      * rely on an pre-existing G_IO_IN event, so it will always trigger the
1427      * upcoming recovery anyway even if it can read nothing.
1428      */
1429 #define QEMU_VM_COMMAND              0x08
1430     c = QEMU_VM_COMMAND;
1431     ret = send(pair2[1], &c, 1, 0);
1432     g_assert_cmpint(ret, ==, 1);
1433 
1434     if (stage == POSTCOPY_FAIL_CHANNEL_ESTABLISH) {
1435         /*
1436          * This will make src QEMU to fail at an early stage when trying to
1437          * resume later, where it shouldn't reach RECOVER stage at all.
1438          */
1439         close(pair1[1]);
1440     }
1441 
1442     migrate_recover(to, "fd:fd-mig");
1443     migrate_qmp(from, to, "fd:fd-mig", NULL, "{'resume': true}");
1444 
1445     /*
1446      * Source QEMU has an extra RECOVER_SETUP phase, dest doesn't have it.
1447      * Make sure it appears along the way.
1448      */
1449     migration_event_wait(from, "postcopy-recover-setup");
1450 
1451     if (fail_early) {
1452         /*
1453          * When fails at reconnection, src QEMU will automatically goes
1454          * back to PAUSED state.  Making sure there is an event in this
1455          * case: Libvirt relies on this to detect early reconnection
1456          * errors.
1457          */
1458         migration_event_wait(from, "postcopy-paused");
1459     } else {
1460         /*
1461          * We want to test "fail later" at RECOVER stage here.  Make sure
1462          * both QEMU instances will go into RECOVER stage first, then test
1463          * kicking them out using migrate-pause.
1464          *
1465          * Explicitly check the RECOVER event on src, that's what Libvirt
1466          * relies on, rather than polling.
1467          */
1468         migration_event_wait(from, "postcopy-recover");
1469         wait_for_postcopy_status(from, "postcopy-recover");
1470 
1471         /* Need an explicit kick on src QEMU in this case */
1472         migrate_pause(from);
1473     }
1474 
1475     /*
1476      * For all failure cases, we'll reach such states on both sides now.
1477      * Check them.
1478      */
1479     wait_for_postcopy_status(from, "postcopy-paused");
1480     wait_for_postcopy_status(to, "postcopy-recover");
1481 
1482     /*
1483      * Kick dest QEMU out too. This is normally not needed in reality
1484      * because when the channel is shutdown it should also happen on src.
1485      * However here we used separate socket pairs so we need to do that
1486      * explicitly.
1487      */
1488     migrate_pause(to);
1489     wait_for_postcopy_status(to, "postcopy-paused");
1490 
1491     close(pair1[0]);
1492     close(pair2[0]);
1493     close(pair2[1]);
1494 
1495     if (stage != POSTCOPY_FAIL_CHANNEL_ESTABLISH) {
1496         close(pair1[1]);
1497     }
1498 #endif
1499 }
1500 
1501 static void test_postcopy_recovery_common(MigrateCommon *args)
1502 {
1503     QTestState *from, *to;
1504     g_autofree char *uri = NULL;
1505 
1506     /* Always hide errors for postcopy recover tests since they're expected */
1507     args->start.hide_stderr = true;
1508 
1509     if (migrate_postcopy_prepare(&from, &to, args)) {
1510         return;
1511     }
1512 
1513     /* Turn postcopy speed down, 4K/s is slow enough on any machines */
1514     migrate_set_parameter_int(from, "max-postcopy-bandwidth", 4096);
1515 
1516     /* Now we start the postcopy */
1517     migrate_postcopy_start(from, to);
1518 
1519     /*
1520      * Wait until postcopy is really started; we can only run the
1521      * migrate-pause command during a postcopy
1522      */
1523     wait_for_migration_status(from, "postcopy-active", NULL);
1524 
1525     /*
1526      * Manually stop the postcopy migration. This emulates a network
1527      * failure with the migration socket
1528      */
1529     migrate_pause(from);
1530 
1531     /*
1532      * Wait for destination side to reach postcopy-paused state.  The
1533      * migrate-recover command can only succeed if destination machine
1534      * is in the paused state
1535      */
1536     wait_for_postcopy_status(to, "postcopy-paused");
1537     wait_for_postcopy_status(from, "postcopy-paused");
1538 
1539     if (args->postcopy_recovery_fail_stage) {
1540         /*
1541          * Test when a wrong socket specified for recover, and then the
1542          * ability to kick it out, and continue with a correct socket.
1543          */
1544         postcopy_recover_fail(from, to, args->postcopy_recovery_fail_stage);
1545         /* continue with a good recovery */
1546     }
1547 
1548     /*
1549      * Create a new socket to emulate a new channel that is different
1550      * from the broken migration channel; tell the destination to
1551      * listen to the new port
1552      */
1553     uri = g_strdup_printf("unix:%s/migsocket-recover", tmpfs);
1554     migrate_recover(to, uri);
1555 
1556     /*
1557      * Try to rebuild the migration channel using the resume flag and
1558      * the newly created channel
1559      */
1560     migrate_qmp(from, to, uri, NULL, "{'resume': true}");
1561 
1562     /* Restore the postcopy bandwidth to unlimited */
1563     migrate_set_parameter_int(from, "max-postcopy-bandwidth", 0);
1564 
1565     migrate_postcopy_complete(from, to, args);
1566 }
1567 
1568 static void test_postcopy_recovery(void)
1569 {
1570     MigrateCommon args = { };
1571 
1572     test_postcopy_recovery_common(&args);
1573 }
1574 
1575 static void test_postcopy_recovery_fail_handshake(void)
1576 {
1577     MigrateCommon args = {
1578         .postcopy_recovery_fail_stage = POSTCOPY_FAIL_RECOVERY,
1579     };
1580 
1581     test_postcopy_recovery_common(&args);
1582 }
1583 
1584 static void test_postcopy_recovery_fail_reconnect(void)
1585 {
1586     MigrateCommon args = {
1587         .postcopy_recovery_fail_stage = POSTCOPY_FAIL_CHANNEL_ESTABLISH,
1588     };
1589 
1590     test_postcopy_recovery_common(&args);
1591 }
1592 
1593 #ifdef CONFIG_GNUTLS
1594 static void test_postcopy_recovery_tls_psk(void)
1595 {
1596     MigrateCommon args = {
1597         .start_hook = test_migrate_tls_psk_start_match,
1598         .finish_hook = test_migrate_tls_psk_finish,
1599     };
1600 
1601     test_postcopy_recovery_common(&args);
1602 }
1603 #endif
1604 
1605 static void test_postcopy_preempt_recovery(void)
1606 {
1607     MigrateCommon args = {
1608         .postcopy_preempt = true,
1609     };
1610 
1611     test_postcopy_recovery_common(&args);
1612 }
1613 
1614 #ifdef CONFIG_GNUTLS
1615 /* This contains preempt+recovery+tls test altogether */
1616 static void test_postcopy_preempt_all(void)
1617 {
1618     MigrateCommon args = {
1619         .postcopy_preempt = true,
1620         .start_hook = test_migrate_tls_psk_start_match,
1621         .finish_hook = test_migrate_tls_psk_finish,
1622     };
1623 
1624     test_postcopy_recovery_common(&args);
1625 }
1626 
1627 #endif
1628 
1629 static void test_baddest(void)
1630 {
1631     MigrateStart args = {
1632         .hide_stderr = true
1633     };
1634     QTestState *from, *to;
1635 
1636     if (test_migrate_start(&from, &to, "tcp:127.0.0.1:0", &args)) {
1637         return;
1638     }
1639     migrate_qmp(from, to, "tcp:127.0.0.1:0", NULL, "{}");
1640     wait_for_migration_fail(from, false);
1641     test_migrate_end(from, to, false);
1642 }
1643 
1644 #ifndef _WIN32
1645 static void test_analyze_script(void)
1646 {
1647     MigrateStart args = {
1648         .opts_source = "-uuid 11111111-1111-1111-1111-111111111111",
1649     };
1650     QTestState *from, *to;
1651     g_autofree char *uri = NULL;
1652     g_autofree char *file = NULL;
1653     int pid, wstatus;
1654     const char *python = g_getenv("PYTHON");
1655 
1656     if (!python) {
1657         g_test_skip("PYTHON variable not set");
1658         return;
1659     }
1660 
1661     /* dummy url */
1662     if (test_migrate_start(&from, &to, "tcp:127.0.0.1:0", &args)) {
1663         return;
1664     }
1665 
1666     /*
1667      * Setting these two capabilities causes the "configuration"
1668      * vmstate to include subsections for them. The script needs to
1669      * parse those subsections properly.
1670      */
1671     migrate_set_capability(from, "validate-uuid", true);
1672     migrate_set_capability(from, "x-ignore-shared", true);
1673 
1674     file = g_strdup_printf("%s/migfile", tmpfs);
1675     uri = g_strdup_printf("exec:cat > %s", file);
1676 
1677     migrate_ensure_converge(from);
1678     migrate_qmp(from, to, uri, NULL, "{}");
1679     wait_for_migration_complete(from);
1680 
1681     pid = fork();
1682     if (!pid) {
1683         close(1);
1684         open("/dev/null", O_WRONLY);
1685         execl(python, python, ANALYZE_SCRIPT, "-f", file, NULL);
1686         g_assert_not_reached();
1687     }
1688 
1689     g_assert(waitpid(pid, &wstatus, 0) == pid);
1690     if (!WIFEXITED(wstatus) || WEXITSTATUS(wstatus) != 0) {
1691         g_test_message("Failed to analyze the migration stream");
1692         g_test_fail();
1693     }
1694     test_migrate_end(from, to, false);
1695     cleanup("migfile");
1696 }
1697 #endif
1698 
1699 static void test_precopy_common(MigrateCommon *args)
1700 {
1701     QTestState *from, *to;
1702     void *data_hook = NULL;
1703 
1704     if (test_migrate_start(&from, &to, args->listen_uri, &args->start)) {
1705         return;
1706     }
1707 
1708     if (args->start_hook) {
1709         data_hook = args->start_hook(from, to);
1710     }
1711 
1712     /* Wait for the first serial output from the source */
1713     if (args->result == MIG_TEST_SUCCEED) {
1714         wait_for_serial("src_serial");
1715         wait_for_suspend(from, &src_state);
1716     }
1717 
1718     if (args->live) {
1719         migrate_ensure_non_converge(from);
1720         migrate_prepare_for_dirty_mem(from);
1721     } else {
1722         /*
1723          * Testing non-live migration, we allow it to run at
1724          * full speed to ensure short test case duration.
1725          * For tests expected to fail, we don't need to
1726          * change anything.
1727          */
1728         if (args->result == MIG_TEST_SUCCEED) {
1729             qtest_qmp_assert_success(from, "{ 'execute' : 'stop'}");
1730             wait_for_stop(from, &src_state);
1731             migrate_ensure_converge(from);
1732         }
1733     }
1734 
1735     if (args->result == MIG_TEST_QMP_ERROR) {
1736         migrate_qmp_fail(from, args->connect_uri, args->connect_channels, "{}");
1737         goto finish;
1738     }
1739 
1740     migrate_qmp(from, to, args->connect_uri, args->connect_channels, "{}");
1741 
1742     if (args->result != MIG_TEST_SUCCEED) {
1743         bool allow_active = args->result == MIG_TEST_FAIL;
1744         wait_for_migration_fail(from, allow_active);
1745 
1746         if (args->result == MIG_TEST_FAIL_DEST_QUIT_ERR) {
1747             qtest_set_expected_status(to, EXIT_FAILURE);
1748         }
1749     } else {
1750         if (args->live) {
1751             /*
1752              * For initial iteration(s) we must do a full pass,
1753              * but for the final iteration, we need only wait
1754              * for some dirty mem before switching to converge
1755              */
1756             while (args->iterations > 1) {
1757                 wait_for_migration_pass(from);
1758                 args->iterations--;
1759             }
1760             migrate_wait_for_dirty_mem(from, to);
1761 
1762             migrate_ensure_converge(from);
1763 
1764             /*
1765              * We do this first, as it has a timeout to stop us
1766              * hanging forever if migration didn't converge
1767              */
1768             wait_for_migration_complete(from);
1769 
1770             wait_for_stop(from, &src_state);
1771 
1772         } else {
1773             wait_for_migration_complete(from);
1774             /*
1775              * Must wait for dst to finish reading all incoming
1776              * data on the socket before issuing 'cont' otherwise
1777              * it'll be ignored
1778              */
1779             wait_for_migration_complete(to);
1780 
1781             qtest_qmp_assert_success(to, "{ 'execute' : 'cont'}");
1782         }
1783 
1784         wait_for_resume(to, &dst_state);
1785 
1786         if (args->start.suspend_me) {
1787             /* wakeup succeeds only if guest is suspended */
1788             qtest_qmp_assert_success(to, "{'execute': 'system_wakeup'}");
1789         }
1790 
1791         wait_for_serial("dest_serial");
1792     }
1793 
1794 finish:
1795     if (args->finish_hook) {
1796         args->finish_hook(from, to, data_hook);
1797     }
1798 
1799     test_migrate_end(from, to, args->result == MIG_TEST_SUCCEED);
1800 }
1801 
1802 static void file_dirty_offset_region(void)
1803 {
1804     g_autofree char *path = g_strdup_printf("%s/%s", tmpfs, FILE_TEST_FILENAME);
1805     size_t size = FILE_TEST_OFFSET;
1806     g_autofree char *data = g_new0(char, size);
1807 
1808     memset(data, FILE_TEST_MARKER, size);
1809     g_assert(g_file_set_contents(path, data, size, NULL));
1810 }
1811 
1812 static void file_check_offset_region(void)
1813 {
1814     g_autofree char *path = g_strdup_printf("%s/%s", tmpfs, FILE_TEST_FILENAME);
1815     size_t size = FILE_TEST_OFFSET;
1816     g_autofree char *expected = g_new0(char, size);
1817     g_autofree char *actual = NULL;
1818     uint64_t *stream_start;
1819 
1820     /*
1821      * Ensure the skipped offset region's data has not been touched
1822      * and the migration stream starts at the right place.
1823      */
1824 
1825     memset(expected, FILE_TEST_MARKER, size);
1826 
1827     g_assert(g_file_get_contents(path, &actual, NULL, NULL));
1828     g_assert(!memcmp(actual, expected, size));
1829 
1830     stream_start = (uint64_t *)(actual + size);
1831     g_assert_cmpint(cpu_to_be64(*stream_start) >> 32, ==, QEMU_VM_FILE_MAGIC);
1832 }
1833 
1834 static void test_file_common(MigrateCommon *args, bool stop_src)
1835 {
1836     QTestState *from, *to;
1837     void *data_hook = NULL;
1838     bool check_offset = false;
1839 
1840     if (test_migrate_start(&from, &to, args->listen_uri, &args->start)) {
1841         return;
1842     }
1843 
1844     /*
1845      * File migration is never live. We can keep the source VM running
1846      * during migration, but the destination will not be running
1847      * concurrently.
1848      */
1849     g_assert_false(args->live);
1850 
1851     if (g_strrstr(args->connect_uri, "offset=")) {
1852         check_offset = true;
1853         /*
1854          * This comes before the start_hook because it's equivalent to
1855          * a management application creating the file and writing to
1856          * it so hooks should expect the file to be already present.
1857          */
1858         file_dirty_offset_region();
1859     }
1860 
1861     if (args->start_hook) {
1862         data_hook = args->start_hook(from, to);
1863     }
1864 
1865     migrate_ensure_converge(from);
1866     wait_for_serial("src_serial");
1867 
1868     if (stop_src) {
1869         qtest_qmp_assert_success(from, "{ 'execute' : 'stop'}");
1870         wait_for_stop(from, &src_state);
1871     }
1872 
1873     if (args->result == MIG_TEST_QMP_ERROR) {
1874         migrate_qmp_fail(from, args->connect_uri, NULL, "{}");
1875         goto finish;
1876     }
1877 
1878     migrate_qmp(from, to, args->connect_uri, NULL, "{}");
1879     wait_for_migration_complete(from);
1880 
1881     /*
1882      * We need to wait for the source to finish before starting the
1883      * destination.
1884      */
1885     migrate_incoming_qmp(to, args->connect_uri, "{}");
1886     wait_for_migration_complete(to);
1887 
1888     if (stop_src) {
1889         qtest_qmp_assert_success(to, "{ 'execute' : 'cont'}");
1890     }
1891     wait_for_resume(to, &dst_state);
1892 
1893     wait_for_serial("dest_serial");
1894 
1895     if (check_offset) {
1896         file_check_offset_region();
1897     }
1898 
1899 finish:
1900     if (args->finish_hook) {
1901         args->finish_hook(from, to, data_hook);
1902     }
1903 
1904     test_migrate_end(from, to, args->result == MIG_TEST_SUCCEED);
1905 }
1906 
1907 static void test_precopy_unix_plain(void)
1908 {
1909     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1910     MigrateCommon args = {
1911         .listen_uri = uri,
1912         .connect_uri = uri,
1913         /*
1914          * The simplest use case of precopy, covering smoke tests of
1915          * get-dirty-log dirty tracking.
1916          */
1917         .live = true,
1918     };
1919 
1920     test_precopy_common(&args);
1921 }
1922 
1923 static void test_precopy_unix_suspend_live(void)
1924 {
1925     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1926     MigrateCommon args = {
1927         .listen_uri = uri,
1928         .connect_uri = uri,
1929         /*
1930          * despite being live, the test is fast because the src
1931          * suspends immediately.
1932          */
1933         .live = true,
1934         .start.suspend_me = true,
1935     };
1936 
1937     test_precopy_common(&args);
1938 }
1939 
1940 static void test_precopy_unix_suspend_notlive(void)
1941 {
1942     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1943     MigrateCommon args = {
1944         .listen_uri = uri,
1945         .connect_uri = uri,
1946         .start.suspend_me = true,
1947     };
1948 
1949     test_precopy_common(&args);
1950 }
1951 
1952 static void test_precopy_unix_dirty_ring(void)
1953 {
1954     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1955     MigrateCommon args = {
1956         .start = {
1957             .use_dirty_ring = true,
1958         },
1959         .listen_uri = uri,
1960         .connect_uri = uri,
1961         /*
1962          * Besides the precopy/unix basic test, cover dirty ring interface
1963          * rather than get-dirty-log.
1964          */
1965         .live = true,
1966     };
1967 
1968     test_precopy_common(&args);
1969 }
1970 
1971 #ifdef CONFIG_GNUTLS
1972 static void test_precopy_unix_tls_psk(void)
1973 {
1974     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1975     MigrateCommon args = {
1976         .connect_uri = uri,
1977         .listen_uri = uri,
1978         .start_hook = test_migrate_tls_psk_start_match,
1979         .finish_hook = test_migrate_tls_psk_finish,
1980     };
1981 
1982     test_precopy_common(&args);
1983 }
1984 
1985 #ifdef CONFIG_TASN1
1986 static void test_precopy_unix_tls_x509_default_host(void)
1987 {
1988     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1989     MigrateCommon args = {
1990         .start = {
1991             .hide_stderr = true,
1992         },
1993         .connect_uri = uri,
1994         .listen_uri = uri,
1995         .start_hook = test_migrate_tls_x509_start_default_host,
1996         .finish_hook = test_migrate_tls_x509_finish,
1997         .result = MIG_TEST_FAIL_DEST_QUIT_ERR,
1998     };
1999 
2000     test_precopy_common(&args);
2001 }
2002 
2003 static void test_precopy_unix_tls_x509_override_host(void)
2004 {
2005     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
2006     MigrateCommon args = {
2007         .connect_uri = uri,
2008         .listen_uri = uri,
2009         .start_hook = test_migrate_tls_x509_start_override_host,
2010         .finish_hook = test_migrate_tls_x509_finish,
2011     };
2012 
2013     test_precopy_common(&args);
2014 }
2015 #endif /* CONFIG_TASN1 */
2016 #endif /* CONFIG_GNUTLS */
2017 
2018 #if 0
2019 /* Currently upset on aarch64 TCG */
2020 static void test_ignore_shared(void)
2021 {
2022     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
2023     QTestState *from, *to;
2024 
2025     if (test_migrate_start(&from, &to, uri, false, true, NULL, NULL)) {
2026         return;
2027     }
2028 
2029     migrate_ensure_non_converge(from);
2030     migrate_prepare_for_dirty_mem(from);
2031 
2032     migrate_set_capability(from, "x-ignore-shared", true);
2033     migrate_set_capability(to, "x-ignore-shared", true);
2034 
2035     /* Wait for the first serial output from the source */
2036     wait_for_serial("src_serial");
2037 
2038     migrate_qmp(from, to, uri, NULL, "{}");
2039 
2040     migrate_wait_for_dirty_mem(from, to);
2041 
2042     wait_for_stop(from, &src_state);
2043 
2044     qtest_qmp_eventwait(to, "RESUME");
2045 
2046     wait_for_serial("dest_serial");
2047     wait_for_migration_complete(from);
2048 
2049     /* Check whether shared RAM has been really skipped */
2050     g_assert_cmpint(read_ram_property_int(from, "transferred"), <, 1024 * 1024);
2051 
2052     test_migrate_end(from, to, true);
2053 }
2054 #endif
2055 
2056 static void *
2057 test_migrate_xbzrle_start(QTestState *from,
2058                           QTestState *to)
2059 {
2060     migrate_set_parameter_int(from, "xbzrle-cache-size", 33554432);
2061 
2062     migrate_set_capability(from, "xbzrle", true);
2063     migrate_set_capability(to, "xbzrle", true);
2064 
2065     return NULL;
2066 }
2067 
2068 static void test_precopy_unix_xbzrle(void)
2069 {
2070     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
2071     MigrateCommon args = {
2072         .connect_uri = uri,
2073         .listen_uri = uri,
2074         .start_hook = test_migrate_xbzrle_start,
2075         .iterations = 2,
2076         /*
2077          * XBZRLE needs pages to be modified when doing the 2nd+ round
2078          * iteration to have real data pushed to the stream.
2079          */
2080         .live = true,
2081     };
2082 
2083     test_precopy_common(&args);
2084 }
2085 
2086 static void test_precopy_file(void)
2087 {
2088     g_autofree char *uri = g_strdup_printf("file:%s/%s", tmpfs,
2089                                            FILE_TEST_FILENAME);
2090     MigrateCommon args = {
2091         .connect_uri = uri,
2092         .listen_uri = "defer",
2093     };
2094 
2095     test_file_common(&args, true);
2096 }
2097 
2098 #ifndef _WIN32
2099 static void fdset_add_fds(QTestState *qts, const char *file, int flags,
2100                           int num_fds, bool direct_io)
2101 {
2102     for (int i = 0; i < num_fds; i++) {
2103         int fd;
2104 
2105 #ifdef O_DIRECT
2106         /* only secondary channels can use direct-io */
2107         if (direct_io && i != 0) {
2108             flags |= O_DIRECT;
2109         }
2110 #endif
2111 
2112         fd = open(file, flags, 0660);
2113         assert(fd != -1);
2114 
2115         qtest_qmp_fds_assert_success(qts, &fd, 1, "{'execute': 'add-fd', "
2116                                      "'arguments': {'fdset-id': 1}}");
2117         close(fd);
2118     }
2119 }
2120 
2121 static void *file_offset_fdset_start_hook(QTestState *from, QTestState *to)
2122 {
2123     g_autofree char *file = g_strdup_printf("%s/%s", tmpfs, FILE_TEST_FILENAME);
2124 
2125     fdset_add_fds(from, file, O_WRONLY, 1, false);
2126     fdset_add_fds(to, file, O_RDONLY, 1, false);
2127 
2128     return NULL;
2129 }
2130 
2131 static void test_precopy_file_offset_fdset(void)
2132 {
2133     g_autofree char *uri = g_strdup_printf("file:/dev/fdset/1,offset=%d",
2134                                            FILE_TEST_OFFSET);
2135     MigrateCommon args = {
2136         .connect_uri = uri,
2137         .listen_uri = "defer",
2138         .start_hook = file_offset_fdset_start_hook,
2139     };
2140 
2141     test_file_common(&args, false);
2142 }
2143 #endif
2144 
2145 static void test_precopy_file_offset(void)
2146 {
2147     g_autofree char *uri = g_strdup_printf("file:%s/%s,offset=%d", tmpfs,
2148                                            FILE_TEST_FILENAME,
2149                                            FILE_TEST_OFFSET);
2150     MigrateCommon args = {
2151         .connect_uri = uri,
2152         .listen_uri = "defer",
2153     };
2154 
2155     test_file_common(&args, false);
2156 }
2157 
2158 static void test_precopy_file_offset_bad(void)
2159 {
2160     /* using a value not supported by qemu_strtosz() */
2161     g_autofree char *uri = g_strdup_printf("file:%s/%s,offset=0x20M",
2162                                            tmpfs, FILE_TEST_FILENAME);
2163     MigrateCommon args = {
2164         .connect_uri = uri,
2165         .listen_uri = "defer",
2166         .result = MIG_TEST_QMP_ERROR,
2167     };
2168 
2169     test_file_common(&args, false);
2170 }
2171 
2172 static void *test_mode_reboot_start(QTestState *from, QTestState *to)
2173 {
2174     migrate_set_parameter_str(from, "mode", "cpr-reboot");
2175     migrate_set_parameter_str(to, "mode", "cpr-reboot");
2176 
2177     migrate_set_capability(from, "x-ignore-shared", true);
2178     migrate_set_capability(to, "x-ignore-shared", true);
2179 
2180     return NULL;
2181 }
2182 
2183 static void *migrate_mapped_ram_start(QTestState *from, QTestState *to)
2184 {
2185     migrate_set_capability(from, "mapped-ram", true);
2186     migrate_set_capability(to, "mapped-ram", true);
2187 
2188     return NULL;
2189 }
2190 
2191 static void test_mode_reboot(void)
2192 {
2193     g_autofree char *uri = g_strdup_printf("file:%s/%s", tmpfs,
2194                                            FILE_TEST_FILENAME);
2195     MigrateCommon args = {
2196         .start.use_shmem = true,
2197         .connect_uri = uri,
2198         .listen_uri = "defer",
2199         .start_hook = test_mode_reboot_start
2200     };
2201 
2202     test_file_common(&args, true);
2203 }
2204 
2205 static void test_precopy_file_mapped_ram_live(void)
2206 {
2207     g_autofree char *uri = g_strdup_printf("file:%s/%s", tmpfs,
2208                                            FILE_TEST_FILENAME);
2209     MigrateCommon args = {
2210         .connect_uri = uri,
2211         .listen_uri = "defer",
2212         .start_hook = migrate_mapped_ram_start,
2213     };
2214 
2215     test_file_common(&args, false);
2216 }
2217 
2218 static void test_precopy_file_mapped_ram(void)
2219 {
2220     g_autofree char *uri = g_strdup_printf("file:%s/%s", tmpfs,
2221                                            FILE_TEST_FILENAME);
2222     MigrateCommon args = {
2223         .connect_uri = uri,
2224         .listen_uri = "defer",
2225         .start_hook = migrate_mapped_ram_start,
2226     };
2227 
2228     test_file_common(&args, true);
2229 }
2230 
2231 static void *migrate_multifd_mapped_ram_start(QTestState *from, QTestState *to)
2232 {
2233     migrate_mapped_ram_start(from, to);
2234 
2235     migrate_set_parameter_int(from, "multifd-channels", 4);
2236     migrate_set_parameter_int(to, "multifd-channels", 4);
2237 
2238     migrate_set_capability(from, "multifd", true);
2239     migrate_set_capability(to, "multifd", true);
2240 
2241     return NULL;
2242 }
2243 
2244 static void test_multifd_file_mapped_ram_live(void)
2245 {
2246     g_autofree char *uri = g_strdup_printf("file:%s/%s", tmpfs,
2247                                            FILE_TEST_FILENAME);
2248     MigrateCommon args = {
2249         .connect_uri = uri,
2250         .listen_uri = "defer",
2251         .start_hook = migrate_multifd_mapped_ram_start,
2252     };
2253 
2254     test_file_common(&args, false);
2255 }
2256 
2257 static void test_multifd_file_mapped_ram(void)
2258 {
2259     g_autofree char *uri = g_strdup_printf("file:%s/%s", tmpfs,
2260                                            FILE_TEST_FILENAME);
2261     MigrateCommon args = {
2262         .connect_uri = uri,
2263         .listen_uri = "defer",
2264         .start_hook = migrate_multifd_mapped_ram_start,
2265     };
2266 
2267     test_file_common(&args, true);
2268 }
2269 
2270 static void *multifd_mapped_ram_dio_start(QTestState *from, QTestState *to)
2271 {
2272     migrate_multifd_mapped_ram_start(from, to);
2273 
2274     migrate_set_parameter_bool(from, "direct-io", true);
2275     migrate_set_parameter_bool(to, "direct-io", true);
2276 
2277     return NULL;
2278 }
2279 
2280 static void test_multifd_file_mapped_ram_dio(void)
2281 {
2282     g_autofree char *uri = g_strdup_printf("file:%s/%s", tmpfs,
2283                                            FILE_TEST_FILENAME);
2284     MigrateCommon args = {
2285         .connect_uri = uri,
2286         .listen_uri = "defer",
2287         .start_hook = multifd_mapped_ram_dio_start,
2288     };
2289 
2290     if (!probe_o_direct_support(tmpfs)) {
2291         g_test_skip("Filesystem does not support O_DIRECT");
2292         return;
2293     }
2294 
2295     test_file_common(&args, true);
2296 }
2297 
2298 #ifndef _WIN32
2299 static void multifd_mapped_ram_fdset_end(QTestState *from, QTestState *to,
2300                                          void *opaque)
2301 {
2302     QDict *resp;
2303     QList *fdsets;
2304 
2305     /*
2306      * Remove the fdsets after migration, otherwise a second migration
2307      * would fail due fdset reuse.
2308      */
2309     qtest_qmp_assert_success(from, "{'execute': 'remove-fd', "
2310                              "'arguments': { 'fdset-id': 1}}");
2311 
2312     /*
2313      * Make sure no fdsets are left after migration, otherwise a
2314      * second migration would fail due fdset reuse.
2315      */
2316     resp = qtest_qmp(from, "{'execute': 'query-fdsets', "
2317                      "'arguments': {}}");
2318     g_assert(qdict_haskey(resp, "return"));
2319     fdsets = qdict_get_qlist(resp, "return");
2320     g_assert(fdsets && qlist_empty(fdsets));
2321     qobject_unref(resp);
2322 }
2323 
2324 static void *multifd_mapped_ram_fdset_dio(QTestState *from, QTestState *to)
2325 {
2326     g_autofree char *file = g_strdup_printf("%s/%s", tmpfs, FILE_TEST_FILENAME);
2327 
2328     fdset_add_fds(from, file, O_WRONLY, 2, true);
2329     fdset_add_fds(to, file, O_RDONLY, 2, true);
2330 
2331     migrate_multifd_mapped_ram_start(from, to);
2332     migrate_set_parameter_bool(from, "direct-io", true);
2333     migrate_set_parameter_bool(to, "direct-io", true);
2334 
2335     return NULL;
2336 }
2337 
2338 static void *multifd_mapped_ram_fdset(QTestState *from, QTestState *to)
2339 {
2340     g_autofree char *file = g_strdup_printf("%s/%s", tmpfs, FILE_TEST_FILENAME);
2341 
2342     fdset_add_fds(from, file, O_WRONLY, 2, false);
2343     fdset_add_fds(to, file, O_RDONLY, 2, false);
2344 
2345     migrate_multifd_mapped_ram_start(from, to);
2346 
2347     return NULL;
2348 }
2349 
2350 static void test_multifd_file_mapped_ram_fdset(void)
2351 {
2352     g_autofree char *uri = g_strdup_printf("file:/dev/fdset/1,offset=%d",
2353                                            FILE_TEST_OFFSET);
2354     MigrateCommon args = {
2355         .connect_uri = uri,
2356         .listen_uri = "defer",
2357         .start_hook = multifd_mapped_ram_fdset,
2358         .finish_hook = multifd_mapped_ram_fdset_end,
2359     };
2360 
2361     test_file_common(&args, true);
2362 }
2363 
2364 static void test_multifd_file_mapped_ram_fdset_dio(void)
2365 {
2366     g_autofree char *uri = g_strdup_printf("file:/dev/fdset/1,offset=%d",
2367                                            FILE_TEST_OFFSET);
2368     MigrateCommon args = {
2369         .connect_uri = uri,
2370         .listen_uri = "defer",
2371         .start_hook = multifd_mapped_ram_fdset_dio,
2372         .finish_hook = multifd_mapped_ram_fdset_end,
2373     };
2374 
2375     if (!probe_o_direct_support(tmpfs)) {
2376         g_test_skip("Filesystem does not support O_DIRECT");
2377         return;
2378     }
2379 
2380     test_file_common(&args, true);
2381 }
2382 #endif /* !_WIN32 */
2383 
2384 static void test_precopy_tcp_plain(void)
2385 {
2386     MigrateCommon args = {
2387         .listen_uri = "tcp:127.0.0.1:0",
2388     };
2389 
2390     test_precopy_common(&args);
2391 }
2392 
2393 static void *test_migrate_switchover_ack_start(QTestState *from, QTestState *to)
2394 {
2395 
2396     migrate_set_capability(from, "return-path", true);
2397     migrate_set_capability(to, "return-path", true);
2398 
2399     migrate_set_capability(from, "switchover-ack", true);
2400     migrate_set_capability(to, "switchover-ack", true);
2401 
2402     return NULL;
2403 }
2404 
2405 static void test_precopy_tcp_switchover_ack(void)
2406 {
2407     MigrateCommon args = {
2408         .listen_uri = "tcp:127.0.0.1:0",
2409         .start_hook = test_migrate_switchover_ack_start,
2410         /*
2411          * Source VM must be running in order to consider the switchover ACK
2412          * when deciding to do switchover or not.
2413          */
2414         .live = true,
2415     };
2416 
2417     test_precopy_common(&args);
2418 }
2419 
2420 #ifdef CONFIG_GNUTLS
2421 static void test_precopy_tcp_tls_psk_match(void)
2422 {
2423     MigrateCommon args = {
2424         .listen_uri = "tcp:127.0.0.1:0",
2425         .start_hook = test_migrate_tls_psk_start_match,
2426         .finish_hook = test_migrate_tls_psk_finish,
2427     };
2428 
2429     test_precopy_common(&args);
2430 }
2431 
2432 static void test_precopy_tcp_tls_psk_mismatch(void)
2433 {
2434     MigrateCommon args = {
2435         .start = {
2436             .hide_stderr = true,
2437         },
2438         .listen_uri = "tcp:127.0.0.1:0",
2439         .start_hook = test_migrate_tls_psk_start_mismatch,
2440         .finish_hook = test_migrate_tls_psk_finish,
2441         .result = MIG_TEST_FAIL,
2442     };
2443 
2444     test_precopy_common(&args);
2445 }
2446 
2447 #ifdef CONFIG_TASN1
2448 static void test_precopy_tcp_tls_x509_default_host(void)
2449 {
2450     MigrateCommon args = {
2451         .listen_uri = "tcp:127.0.0.1:0",
2452         .start_hook = test_migrate_tls_x509_start_default_host,
2453         .finish_hook = test_migrate_tls_x509_finish,
2454     };
2455 
2456     test_precopy_common(&args);
2457 }
2458 
2459 static void test_precopy_tcp_tls_x509_override_host(void)
2460 {
2461     MigrateCommon args = {
2462         .listen_uri = "tcp:127.0.0.1:0",
2463         .start_hook = test_migrate_tls_x509_start_override_host,
2464         .finish_hook = test_migrate_tls_x509_finish,
2465     };
2466 
2467     test_precopy_common(&args);
2468 }
2469 
2470 static void test_precopy_tcp_tls_x509_mismatch_host(void)
2471 {
2472     MigrateCommon args = {
2473         .start = {
2474             .hide_stderr = true,
2475         },
2476         .listen_uri = "tcp:127.0.0.1:0",
2477         .start_hook = test_migrate_tls_x509_start_mismatch_host,
2478         .finish_hook = test_migrate_tls_x509_finish,
2479         .result = MIG_TEST_FAIL_DEST_QUIT_ERR,
2480     };
2481 
2482     test_precopy_common(&args);
2483 }
2484 
2485 static void test_precopy_tcp_tls_x509_friendly_client(void)
2486 {
2487     MigrateCommon args = {
2488         .listen_uri = "tcp:127.0.0.1:0",
2489         .start_hook = test_migrate_tls_x509_start_friendly_client,
2490         .finish_hook = test_migrate_tls_x509_finish,
2491     };
2492 
2493     test_precopy_common(&args);
2494 }
2495 
2496 static void test_precopy_tcp_tls_x509_hostile_client(void)
2497 {
2498     MigrateCommon args = {
2499         .start = {
2500             .hide_stderr = true,
2501         },
2502         .listen_uri = "tcp:127.0.0.1:0",
2503         .start_hook = test_migrate_tls_x509_start_hostile_client,
2504         .finish_hook = test_migrate_tls_x509_finish,
2505         .result = MIG_TEST_FAIL,
2506     };
2507 
2508     test_precopy_common(&args);
2509 }
2510 
2511 static void test_precopy_tcp_tls_x509_allow_anon_client(void)
2512 {
2513     MigrateCommon args = {
2514         .listen_uri = "tcp:127.0.0.1:0",
2515         .start_hook = test_migrate_tls_x509_start_allow_anon_client,
2516         .finish_hook = test_migrate_tls_x509_finish,
2517     };
2518 
2519     test_precopy_common(&args);
2520 }
2521 
2522 static void test_precopy_tcp_tls_x509_reject_anon_client(void)
2523 {
2524     MigrateCommon args = {
2525         .start = {
2526             .hide_stderr = true,
2527         },
2528         .listen_uri = "tcp:127.0.0.1:0",
2529         .start_hook = test_migrate_tls_x509_start_reject_anon_client,
2530         .finish_hook = test_migrate_tls_x509_finish,
2531         .result = MIG_TEST_FAIL,
2532     };
2533 
2534     test_precopy_common(&args);
2535 }
2536 #endif /* CONFIG_TASN1 */
2537 #endif /* CONFIG_GNUTLS */
2538 
2539 #ifndef _WIN32
2540 static void *test_migrate_fd_start_hook(QTestState *from,
2541                                         QTestState *to)
2542 {
2543     int ret;
2544     int pair[2];
2545 
2546     /* Create two connected sockets for migration */
2547     ret = qemu_socketpair(PF_LOCAL, SOCK_STREAM, 0, pair);
2548     g_assert_cmpint(ret, ==, 0);
2549 
2550     /* Send the 1st socket to the target */
2551     qtest_qmp_fds_assert_success(to, &pair[0], 1,
2552                                  "{ 'execute': 'getfd',"
2553                                  "  'arguments': { 'fdname': 'fd-mig' }}");
2554     close(pair[0]);
2555 
2556     /* Start incoming migration from the 1st socket */
2557     migrate_incoming_qmp(to, "fd:fd-mig", "{}");
2558 
2559     /* Send the 2nd socket to the target */
2560     qtest_qmp_fds_assert_success(from, &pair[1], 1,
2561                                  "{ 'execute': 'getfd',"
2562                                  "  'arguments': { 'fdname': 'fd-mig' }}");
2563     close(pair[1]);
2564 
2565     return NULL;
2566 }
2567 
2568 static void test_migrate_fd_finish_hook(QTestState *from,
2569                                         QTestState *to,
2570                                         void *opaque)
2571 {
2572     QDict *rsp;
2573     const char *error_desc;
2574 
2575     /* Test closing fds */
2576     /* We assume, that QEMU removes named fd from its list,
2577      * so this should fail */
2578     rsp = qtest_qmp(from, "{ 'execute': 'closefd',"
2579                           "  'arguments': { 'fdname': 'fd-mig' }}");
2580     g_assert_true(qdict_haskey(rsp, "error"));
2581     error_desc = qdict_get_str(qdict_get_qdict(rsp, "error"), "desc");
2582     g_assert_cmpstr(error_desc, ==, "File descriptor named 'fd-mig' not found");
2583     qobject_unref(rsp);
2584 
2585     rsp = qtest_qmp(to, "{ 'execute': 'closefd',"
2586                         "  'arguments': { 'fdname': 'fd-mig' }}");
2587     g_assert_true(qdict_haskey(rsp, "error"));
2588     error_desc = qdict_get_str(qdict_get_qdict(rsp, "error"), "desc");
2589     g_assert_cmpstr(error_desc, ==, "File descriptor named 'fd-mig' not found");
2590     qobject_unref(rsp);
2591 }
2592 
2593 static void test_migrate_precopy_fd_socket(void)
2594 {
2595     MigrateCommon args = {
2596         .listen_uri = "defer",
2597         .connect_uri = "fd:fd-mig",
2598         .start_hook = test_migrate_fd_start_hook,
2599         .finish_hook = test_migrate_fd_finish_hook
2600     };
2601     test_precopy_common(&args);
2602 }
2603 
2604 static void *migrate_precopy_fd_file_start(QTestState *from, QTestState *to)
2605 {
2606     g_autofree char *file = g_strdup_printf("%s/%s", tmpfs, FILE_TEST_FILENAME);
2607     int src_flags = O_CREAT | O_RDWR;
2608     int dst_flags = O_CREAT | O_RDWR;
2609     int fds[2];
2610 
2611     fds[0] = open(file, src_flags, 0660);
2612     assert(fds[0] != -1);
2613 
2614     fds[1] = open(file, dst_flags, 0660);
2615     assert(fds[1] != -1);
2616 
2617 
2618     qtest_qmp_fds_assert_success(to, &fds[0], 1,
2619                                  "{ 'execute': 'getfd',"
2620                                  "  'arguments': { 'fdname': 'fd-mig' }}");
2621 
2622     qtest_qmp_fds_assert_success(from, &fds[1], 1,
2623                                  "{ 'execute': 'getfd',"
2624                                  "  'arguments': { 'fdname': 'fd-mig' }}");
2625 
2626     close(fds[0]);
2627     close(fds[1]);
2628 
2629     return NULL;
2630 }
2631 
2632 static void test_migrate_precopy_fd_file(void)
2633 {
2634     MigrateCommon args = {
2635         .listen_uri = "defer",
2636         .connect_uri = "fd:fd-mig",
2637         .start_hook = migrate_precopy_fd_file_start,
2638         .finish_hook = test_migrate_fd_finish_hook
2639     };
2640     test_file_common(&args, true);
2641 }
2642 #endif /* _WIN32 */
2643 
2644 static void do_test_validate_uuid(MigrateStart *args, bool should_fail)
2645 {
2646     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
2647     QTestState *from, *to;
2648 
2649     if (test_migrate_start(&from, &to, uri, args)) {
2650         return;
2651     }
2652 
2653     /*
2654      * UUID validation is at the begin of migration. So, the main process of
2655      * migration is not interesting for us here. Thus, set huge downtime for
2656      * very fast migration.
2657      */
2658     migrate_set_parameter_int(from, "downtime-limit", 1000000);
2659     migrate_set_capability(from, "validate-uuid", true);
2660 
2661     /* Wait for the first serial output from the source */
2662     wait_for_serial("src_serial");
2663 
2664     migrate_qmp(from, to, uri, NULL, "{}");
2665 
2666     if (should_fail) {
2667         qtest_set_expected_status(to, EXIT_FAILURE);
2668         wait_for_migration_fail(from, true);
2669     } else {
2670         wait_for_migration_complete(from);
2671     }
2672 
2673     test_migrate_end(from, to, false);
2674 }
2675 
2676 static void test_validate_uuid(void)
2677 {
2678     MigrateStart args = {
2679         .opts_source = "-uuid 11111111-1111-1111-1111-111111111111",
2680         .opts_target = "-uuid 11111111-1111-1111-1111-111111111111",
2681     };
2682 
2683     do_test_validate_uuid(&args, false);
2684 }
2685 
2686 static void test_validate_uuid_error(void)
2687 {
2688     MigrateStart args = {
2689         .opts_source = "-uuid 11111111-1111-1111-1111-111111111111",
2690         .opts_target = "-uuid 22222222-2222-2222-2222-222222222222",
2691         .hide_stderr = true,
2692     };
2693 
2694     do_test_validate_uuid(&args, true);
2695 }
2696 
2697 static void test_validate_uuid_src_not_set(void)
2698 {
2699     MigrateStart args = {
2700         .opts_target = "-uuid 22222222-2222-2222-2222-222222222222",
2701         .hide_stderr = true,
2702     };
2703 
2704     do_test_validate_uuid(&args, false);
2705 }
2706 
2707 static void test_validate_uuid_dst_not_set(void)
2708 {
2709     MigrateStart args = {
2710         .opts_source = "-uuid 11111111-1111-1111-1111-111111111111",
2711         .hide_stderr = true,
2712     };
2713 
2714     do_test_validate_uuid(&args, false);
2715 }
2716 
2717 static void do_test_validate_uri_channel(MigrateCommon *args)
2718 {
2719     QTestState *from, *to;
2720 
2721     if (test_migrate_start(&from, &to, args->listen_uri, &args->start)) {
2722         return;
2723     }
2724 
2725     /* Wait for the first serial output from the source */
2726     wait_for_serial("src_serial");
2727 
2728     /*
2729      * 'uri' and 'channels' validation is checked even before the migration
2730      * starts.
2731      */
2732     migrate_qmp_fail(from, args->connect_uri, args->connect_channels, "{}");
2733     test_migrate_end(from, to, false);
2734 }
2735 
2736 static void test_validate_uri_channels_both_set(void)
2737 {
2738     MigrateCommon args = {
2739         .start = {
2740             .hide_stderr = true,
2741         },
2742         .listen_uri = "defer",
2743         .connect_uri = "tcp:127.0.0.1:0",
2744         .connect_channels = "[ { 'channel-type': 'main',"
2745                             "    'addr': { 'transport': 'socket',"
2746                             "              'type': 'inet',"
2747                             "              'host': '127.0.0.1',"
2748                             "              'port': '0' } } ]",
2749     };
2750 
2751     do_test_validate_uri_channel(&args);
2752 }
2753 
2754 static void test_validate_uri_channels_none_set(void)
2755 {
2756     MigrateCommon args = {
2757         .start = {
2758             .hide_stderr = true,
2759         },
2760         .listen_uri = "defer",
2761     };
2762 
2763     do_test_validate_uri_channel(&args);
2764 }
2765 
2766 /*
2767  * The way auto_converge works, we need to do too many passes to
2768  * run this test.  Auto_converge logic is only run once every
2769  * three iterations, so:
2770  *
2771  * - 3 iterations without auto_converge enabled
2772  * - 3 iterations with pct = 5
2773  * - 3 iterations with pct = 30
2774  * - 3 iterations with pct = 55
2775  * - 3 iterations with pct = 80
2776  * - 3 iterations with pct = 95 (max(95, 80 + 25))
2777  *
2778  * To make things even worse, we need to run the initial stage at
2779  * 3MB/s so we enter autoconverge even when host is (over)loaded.
2780  */
2781 static void test_migrate_auto_converge(void)
2782 {
2783     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
2784     MigrateStart args = {};
2785     QTestState *from, *to;
2786     int64_t percentage;
2787 
2788     /*
2789      * We want the test to be stable and as fast as possible.
2790      * E.g., with 1Gb/s bandwidth migration may pass without throttling,
2791      * so we need to decrease a bandwidth.
2792      */
2793     const int64_t init_pct = 5, inc_pct = 25, max_pct = 95;
2794     uint64_t prev_dirty_sync_cnt, dirty_sync_cnt;
2795     int max_try_count, hit = 0;
2796 
2797     if (test_migrate_start(&from, &to, uri, &args)) {
2798         return;
2799     }
2800 
2801     migrate_set_capability(from, "auto-converge", true);
2802     migrate_set_parameter_int(from, "cpu-throttle-initial", init_pct);
2803     migrate_set_parameter_int(from, "cpu-throttle-increment", inc_pct);
2804     migrate_set_parameter_int(from, "max-cpu-throttle", max_pct);
2805 
2806     /*
2807      * Set the initial parameters so that the migration could not converge
2808      * without throttling.
2809      */
2810     migrate_ensure_non_converge(from);
2811 
2812     /* To check remaining size after precopy */
2813     migrate_set_capability(from, "pause-before-switchover", true);
2814 
2815     /* Wait for the first serial output from the source */
2816     wait_for_serial("src_serial");
2817 
2818     migrate_qmp(from, to, uri, NULL, "{}");
2819 
2820     /* Wait for throttling begins */
2821     percentage = 0;
2822     do {
2823         percentage = read_migrate_property_int(from, "cpu-throttle-percentage");
2824         if (percentage != 0) {
2825             break;
2826         }
2827         usleep(20);
2828         g_assert_false(src_state.stop_seen);
2829     } while (true);
2830     /* The first percentage of throttling should be at least init_pct */
2831     g_assert_cmpint(percentage, >=, init_pct);
2832 
2833     /*
2834      * End the loop when the dirty sync count greater than 1.
2835      */
2836     while ((dirty_sync_cnt = get_migration_pass(from)) < 2) {
2837         usleep(1000 * 1000);
2838     }
2839 
2840     prev_dirty_sync_cnt = dirty_sync_cnt;
2841 
2842     /*
2843      * The RAMBlock dirty sync count must changes in 5 seconds, here we set
2844      * the timeout to 10 seconds to ensure it changes.
2845      *
2846      * Note that migrate_ensure_non_converge set the max-bandwidth to 3MB/s,
2847      * while the qtest mem is >= 100MB, one iteration takes at least 33s (100/3)
2848      * to complete; this ensures that the RAMBlock dirty sync occurs.
2849      */
2850     max_try_count = 10;
2851     while (--max_try_count) {
2852         dirty_sync_cnt = get_migration_pass(from);
2853         if (dirty_sync_cnt != prev_dirty_sync_cnt) {
2854             hit = 1;
2855             break;
2856         }
2857         prev_dirty_sync_cnt = dirty_sync_cnt;
2858         sleep(1);
2859     }
2860     g_assert_cmpint(hit, ==, 1);
2861 
2862     /* Now, when we tested that throttling works, let it converge */
2863     migrate_ensure_converge(from);
2864 
2865     /*
2866      * Wait for pre-switchover status to check last throttle percentage
2867      * and remaining. These values will be zeroed later
2868      */
2869     wait_for_migration_status(from, "pre-switchover", NULL);
2870 
2871     /* The final percentage of throttling shouldn't be greater than max_pct */
2872     percentage = read_migrate_property_int(from, "cpu-throttle-percentage");
2873     g_assert_cmpint(percentage, <=, max_pct);
2874     migrate_continue(from, "pre-switchover");
2875 
2876     qtest_qmp_eventwait(to, "RESUME");
2877 
2878     wait_for_serial("dest_serial");
2879     wait_for_migration_complete(from);
2880 
2881     test_migrate_end(from, to, true);
2882 }
2883 
2884 static void *
2885 test_migrate_precopy_tcp_multifd_start_common(QTestState *from,
2886                                               QTestState *to,
2887                                               const char *method)
2888 {
2889     migrate_set_parameter_int(from, "multifd-channels", 16);
2890     migrate_set_parameter_int(to, "multifd-channels", 16);
2891 
2892     migrate_set_parameter_str(from, "multifd-compression", method);
2893     migrate_set_parameter_str(to, "multifd-compression", method);
2894 
2895     migrate_set_capability(from, "multifd", true);
2896     migrate_set_capability(to, "multifd", true);
2897 
2898     /* Start incoming migration from the 1st socket */
2899     migrate_incoming_qmp(to, "tcp:127.0.0.1:0", "{}");
2900 
2901     return NULL;
2902 }
2903 
2904 static void *
2905 test_migrate_precopy_tcp_multifd_start(QTestState *from,
2906                                        QTestState *to)
2907 {
2908     return test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
2909 }
2910 
2911 static void *
2912 test_migrate_precopy_tcp_multifd_start_zero_page_legacy(QTestState *from,
2913                                                         QTestState *to)
2914 {
2915     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
2916     migrate_set_parameter_str(from, "zero-page-detection", "legacy");
2917     return NULL;
2918 }
2919 
2920 static void *
2921 test_migration_precopy_tcp_multifd_start_no_zero_page(QTestState *from,
2922                                                       QTestState *to)
2923 {
2924     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
2925     migrate_set_parameter_str(from, "zero-page-detection", "none");
2926     return NULL;
2927 }
2928 
2929 static void *
2930 test_migrate_precopy_tcp_multifd_zlib_start(QTestState *from,
2931                                             QTestState *to)
2932 {
2933     /*
2934      * Overloading this test to also check that set_parameter does not error.
2935      * This is also done in the tests for the other compression methods.
2936      */
2937     migrate_set_parameter_int(from, "multifd-zlib-level", 2);
2938     migrate_set_parameter_int(to, "multifd-zlib-level", 2);
2939 
2940     return test_migrate_precopy_tcp_multifd_start_common(from, to, "zlib");
2941 }
2942 
2943 #ifdef CONFIG_ZSTD
2944 static void *
2945 test_migrate_precopy_tcp_multifd_zstd_start(QTestState *from,
2946                                             QTestState *to)
2947 {
2948     migrate_set_parameter_int(from, "multifd-zstd-level", 2);
2949     migrate_set_parameter_int(to, "multifd-zstd-level", 2);
2950 
2951     return test_migrate_precopy_tcp_multifd_start_common(from, to, "zstd");
2952 }
2953 #endif /* CONFIG_ZSTD */
2954 
2955 #ifdef CONFIG_QATZIP
2956 static void *
2957 test_migrate_precopy_tcp_multifd_qatzip_start(QTestState *from,
2958                                               QTestState *to)
2959 {
2960     migrate_set_parameter_int(from, "multifd-qatzip-level", 2);
2961     migrate_set_parameter_int(to, "multifd-qatzip-level", 2);
2962 
2963     return test_migrate_precopy_tcp_multifd_start_common(from, to, "qatzip");
2964 }
2965 #endif
2966 
2967 #ifdef CONFIG_QPL
2968 static void *
2969 test_migrate_precopy_tcp_multifd_qpl_start(QTestState *from,
2970                                             QTestState *to)
2971 {
2972     return test_migrate_precopy_tcp_multifd_start_common(from, to, "qpl");
2973 }
2974 #endif /* CONFIG_QPL */
2975 #ifdef CONFIG_UADK
2976 static void *
2977 test_migrate_precopy_tcp_multifd_uadk_start(QTestState *from,
2978                                             QTestState *to)
2979 {
2980     return test_migrate_precopy_tcp_multifd_start_common(from, to, "uadk");
2981 }
2982 #endif /* CONFIG_UADK */
2983 
2984 static void test_multifd_tcp_uri_none(void)
2985 {
2986     MigrateCommon args = {
2987         .listen_uri = "defer",
2988         .start_hook = test_migrate_precopy_tcp_multifd_start,
2989         /*
2990          * Multifd is more complicated than most of the features, it
2991          * directly takes guest page buffers when sending, make sure
2992          * everything will work alright even if guest page is changing.
2993          */
2994         .live = true,
2995     };
2996     test_precopy_common(&args);
2997 }
2998 
2999 static void test_multifd_tcp_zero_page_legacy(void)
3000 {
3001     MigrateCommon args = {
3002         .listen_uri = "defer",
3003         .start_hook = test_migrate_precopy_tcp_multifd_start_zero_page_legacy,
3004         /*
3005          * Multifd is more complicated than most of the features, it
3006          * directly takes guest page buffers when sending, make sure
3007          * everything will work alright even if guest page is changing.
3008          */
3009         .live = true,
3010     };
3011     test_precopy_common(&args);
3012 }
3013 
3014 static void test_multifd_tcp_no_zero_page(void)
3015 {
3016     MigrateCommon args = {
3017         .listen_uri = "defer",
3018         .start_hook = test_migration_precopy_tcp_multifd_start_no_zero_page,
3019         /*
3020          * Multifd is more complicated than most of the features, it
3021          * directly takes guest page buffers when sending, make sure
3022          * everything will work alright even if guest page is changing.
3023          */
3024         .live = true,
3025     };
3026     test_precopy_common(&args);
3027 }
3028 
3029 static void test_multifd_tcp_channels_none(void)
3030 {
3031     MigrateCommon args = {
3032         .listen_uri = "defer",
3033         .start_hook = test_migrate_precopy_tcp_multifd_start,
3034         .live = true,
3035         .connect_channels = "[ { 'channel-type': 'main',"
3036                             "    'addr': { 'transport': 'socket',"
3037                             "              'type': 'inet',"
3038                             "              'host': '127.0.0.1',"
3039                             "              'port': '0' } } ]",
3040     };
3041     test_precopy_common(&args);
3042 }
3043 
3044 static void test_multifd_tcp_zlib(void)
3045 {
3046     MigrateCommon args = {
3047         .listen_uri = "defer",
3048         .start_hook = test_migrate_precopy_tcp_multifd_zlib_start,
3049     };
3050     test_precopy_common(&args);
3051 }
3052 
3053 #ifdef CONFIG_ZSTD
3054 static void test_multifd_tcp_zstd(void)
3055 {
3056     MigrateCommon args = {
3057         .listen_uri = "defer",
3058         .start_hook = test_migrate_precopy_tcp_multifd_zstd_start,
3059     };
3060     test_precopy_common(&args);
3061 }
3062 #endif
3063 
3064 #ifdef CONFIG_QATZIP
3065 static void test_multifd_tcp_qatzip(void)
3066 {
3067     MigrateCommon args = {
3068         .listen_uri = "defer",
3069         .start_hook = test_migrate_precopy_tcp_multifd_qatzip_start,
3070     };
3071     test_precopy_common(&args);
3072 }
3073 #endif
3074 
3075 #ifdef CONFIG_QPL
3076 static void test_multifd_tcp_qpl(void)
3077 {
3078     MigrateCommon args = {
3079         .listen_uri = "defer",
3080         .start_hook = test_migrate_precopy_tcp_multifd_qpl_start,
3081     };
3082     test_precopy_common(&args);
3083 }
3084 #endif
3085 
3086 #ifdef CONFIG_UADK
3087 static void test_multifd_tcp_uadk(void)
3088 {
3089     MigrateCommon args = {
3090         .listen_uri = "defer",
3091         .start_hook = test_migrate_precopy_tcp_multifd_uadk_start,
3092     };
3093     test_precopy_common(&args);
3094 }
3095 #endif
3096 
3097 #ifdef CONFIG_GNUTLS
3098 static void *
3099 test_migrate_multifd_tcp_tls_psk_start_match(QTestState *from,
3100                                              QTestState *to)
3101 {
3102     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
3103     return test_migrate_tls_psk_start_match(from, to);
3104 }
3105 
3106 static void *
3107 test_migrate_multifd_tcp_tls_psk_start_mismatch(QTestState *from,
3108                                                 QTestState *to)
3109 {
3110     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
3111     return test_migrate_tls_psk_start_mismatch(from, to);
3112 }
3113 
3114 #ifdef CONFIG_TASN1
3115 static void *
3116 test_migrate_multifd_tls_x509_start_default_host(QTestState *from,
3117                                                  QTestState *to)
3118 {
3119     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
3120     return test_migrate_tls_x509_start_default_host(from, to);
3121 }
3122 
3123 static void *
3124 test_migrate_multifd_tls_x509_start_override_host(QTestState *from,
3125                                                   QTestState *to)
3126 {
3127     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
3128     return test_migrate_tls_x509_start_override_host(from, to);
3129 }
3130 
3131 static void *
3132 test_migrate_multifd_tls_x509_start_mismatch_host(QTestState *from,
3133                                                   QTestState *to)
3134 {
3135     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
3136     return test_migrate_tls_x509_start_mismatch_host(from, to);
3137 }
3138 
3139 static void *
3140 test_migrate_multifd_tls_x509_start_allow_anon_client(QTestState *from,
3141                                                       QTestState *to)
3142 {
3143     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
3144     return test_migrate_tls_x509_start_allow_anon_client(from, to);
3145 }
3146 
3147 static void *
3148 test_migrate_multifd_tls_x509_start_reject_anon_client(QTestState *from,
3149                                                        QTestState *to)
3150 {
3151     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
3152     return test_migrate_tls_x509_start_reject_anon_client(from, to);
3153 }
3154 #endif /* CONFIG_TASN1 */
3155 
3156 static void test_multifd_tcp_tls_psk_match(void)
3157 {
3158     MigrateCommon args = {
3159         .listen_uri = "defer",
3160         .start_hook = test_migrate_multifd_tcp_tls_psk_start_match,
3161         .finish_hook = test_migrate_tls_psk_finish,
3162     };
3163     test_precopy_common(&args);
3164 }
3165 
3166 static void test_multifd_tcp_tls_psk_mismatch(void)
3167 {
3168     MigrateCommon args = {
3169         .start = {
3170             .hide_stderr = true,
3171         },
3172         .listen_uri = "defer",
3173         .start_hook = test_migrate_multifd_tcp_tls_psk_start_mismatch,
3174         .finish_hook = test_migrate_tls_psk_finish,
3175         .result = MIG_TEST_FAIL,
3176     };
3177     test_precopy_common(&args);
3178 }
3179 
3180 #ifdef CONFIG_TASN1
3181 static void test_multifd_tcp_tls_x509_default_host(void)
3182 {
3183     MigrateCommon args = {
3184         .listen_uri = "defer",
3185         .start_hook = test_migrate_multifd_tls_x509_start_default_host,
3186         .finish_hook = test_migrate_tls_x509_finish,
3187     };
3188     test_precopy_common(&args);
3189 }
3190 
3191 static void test_multifd_tcp_tls_x509_override_host(void)
3192 {
3193     MigrateCommon args = {
3194         .listen_uri = "defer",
3195         .start_hook = test_migrate_multifd_tls_x509_start_override_host,
3196         .finish_hook = test_migrate_tls_x509_finish,
3197     };
3198     test_precopy_common(&args);
3199 }
3200 
3201 static void test_multifd_tcp_tls_x509_mismatch_host(void)
3202 {
3203     /*
3204      * This has different behaviour to the non-multifd case.
3205      *
3206      * In non-multifd case when client aborts due to mismatched
3207      * cert host, the server has already started trying to load
3208      * migration state, and so it exits with I/O failure.
3209      *
3210      * In multifd case when client aborts due to mismatched
3211      * cert host, the server is still waiting for the other
3212      * multifd connections to arrive so hasn't started trying
3213      * to load migration state, and thus just aborts the migration
3214      * without exiting.
3215      */
3216     MigrateCommon args = {
3217         .start = {
3218             .hide_stderr = true,
3219         },
3220         .listen_uri = "defer",
3221         .start_hook = test_migrate_multifd_tls_x509_start_mismatch_host,
3222         .finish_hook = test_migrate_tls_x509_finish,
3223         .result = MIG_TEST_FAIL,
3224     };
3225     test_precopy_common(&args);
3226 }
3227 
3228 static void test_multifd_tcp_tls_x509_allow_anon_client(void)
3229 {
3230     MigrateCommon args = {
3231         .listen_uri = "defer",
3232         .start_hook = test_migrate_multifd_tls_x509_start_allow_anon_client,
3233         .finish_hook = test_migrate_tls_x509_finish,
3234     };
3235     test_precopy_common(&args);
3236 }
3237 
3238 static void test_multifd_tcp_tls_x509_reject_anon_client(void)
3239 {
3240     MigrateCommon args = {
3241         .start = {
3242             .hide_stderr = true,
3243         },
3244         .listen_uri = "defer",
3245         .start_hook = test_migrate_multifd_tls_x509_start_reject_anon_client,
3246         .finish_hook = test_migrate_tls_x509_finish,
3247         .result = MIG_TEST_FAIL,
3248     };
3249     test_precopy_common(&args);
3250 }
3251 #endif /* CONFIG_TASN1 */
3252 #endif /* CONFIG_GNUTLS */
3253 
3254 /*
3255  * This test does:
3256  *  source               target
3257  *                       migrate_incoming
3258  *     migrate
3259  *     migrate_cancel
3260  *                       launch another target
3261  *     migrate
3262  *
3263  *  And see that it works
3264  */
3265 static void test_multifd_tcp_cancel(void)
3266 {
3267     MigrateStart args = {
3268         .hide_stderr = true,
3269     };
3270     QTestState *from, *to, *to2;
3271 
3272     if (test_migrate_start(&from, &to, "defer", &args)) {
3273         return;
3274     }
3275 
3276     migrate_ensure_non_converge(from);
3277     migrate_prepare_for_dirty_mem(from);
3278 
3279     migrate_set_parameter_int(from, "multifd-channels", 16);
3280     migrate_set_parameter_int(to, "multifd-channels", 16);
3281 
3282     migrate_set_capability(from, "multifd", true);
3283     migrate_set_capability(to, "multifd", true);
3284 
3285     /* Start incoming migration from the 1st socket */
3286     migrate_incoming_qmp(to, "tcp:127.0.0.1:0", "{}");
3287 
3288     /* Wait for the first serial output from the source */
3289     wait_for_serial("src_serial");
3290 
3291     migrate_qmp(from, to, NULL, NULL, "{}");
3292 
3293     migrate_wait_for_dirty_mem(from, to);
3294 
3295     migrate_cancel(from);
3296 
3297     /* Make sure QEMU process "to" exited */
3298     qtest_set_expected_status(to, EXIT_FAILURE);
3299     qtest_wait_qemu(to);
3300     qtest_quit(to);
3301 
3302     /*
3303      * Ensure the source QEMU finishes its cancellation process before we
3304      * proceed with the setup of the next migration. The test_migrate_start()
3305      * function and others might want to interact with the source in a way that
3306      * is not possible while the migration is not canceled properly. For
3307      * example, setting migration capabilities when the migration is still
3308      * running leads to an error.
3309      */
3310     wait_for_migration_status(from, "cancelled", NULL);
3311 
3312     args = (MigrateStart){
3313         .only_target = true,
3314     };
3315 
3316     if (test_migrate_start(&from, &to2, "defer", &args)) {
3317         return;
3318     }
3319 
3320     migrate_set_parameter_int(to2, "multifd-channels", 16);
3321 
3322     migrate_set_capability(to2, "multifd", true);
3323 
3324     /* Start incoming migration from the 1st socket */
3325     migrate_incoming_qmp(to2, "tcp:127.0.0.1:0", "{}");
3326 
3327     migrate_ensure_non_converge(from);
3328 
3329     migrate_qmp(from, to2, NULL, NULL, "{}");
3330 
3331     migrate_wait_for_dirty_mem(from, to2);
3332 
3333     migrate_ensure_converge(from);
3334 
3335     wait_for_stop(from, &src_state);
3336     qtest_qmp_eventwait(to2, "RESUME");
3337 
3338     wait_for_serial("dest_serial");
3339     wait_for_migration_complete(from);
3340     test_migrate_end(from, to2, true);
3341 }
3342 
3343 static void calc_dirty_rate(QTestState *who, uint64_t calc_time)
3344 {
3345     qtest_qmp_assert_success(who,
3346                              "{ 'execute': 'calc-dirty-rate',"
3347                              "'arguments': { "
3348                              "'calc-time': %" PRIu64 ","
3349                              "'mode': 'dirty-ring' }}",
3350                              calc_time);
3351 }
3352 
3353 static QDict *query_dirty_rate(QTestState *who)
3354 {
3355     return qtest_qmp_assert_success_ref(who,
3356                                         "{ 'execute': 'query-dirty-rate' }");
3357 }
3358 
3359 static void dirtylimit_set_all(QTestState *who, uint64_t dirtyrate)
3360 {
3361     qtest_qmp_assert_success(who,
3362                              "{ 'execute': 'set-vcpu-dirty-limit',"
3363                              "'arguments': { "
3364                              "'dirty-rate': %" PRIu64 " } }",
3365                              dirtyrate);
3366 }
3367 
3368 static void cancel_vcpu_dirty_limit(QTestState *who)
3369 {
3370     qtest_qmp_assert_success(who,
3371                              "{ 'execute': 'cancel-vcpu-dirty-limit' }");
3372 }
3373 
3374 static QDict *query_vcpu_dirty_limit(QTestState *who)
3375 {
3376     QDict *rsp;
3377 
3378     rsp = qtest_qmp(who, "{ 'execute': 'query-vcpu-dirty-limit' }");
3379     g_assert(!qdict_haskey(rsp, "error"));
3380     g_assert(qdict_haskey(rsp, "return"));
3381 
3382     return rsp;
3383 }
3384 
3385 static bool calc_dirtyrate_ready(QTestState *who)
3386 {
3387     QDict *rsp_return;
3388     const char *status;
3389     bool ready;
3390 
3391     rsp_return = query_dirty_rate(who);
3392     g_assert(rsp_return);
3393 
3394     status = qdict_get_str(rsp_return, "status");
3395     g_assert(status);
3396     ready = g_strcmp0(status, "measuring");
3397     qobject_unref(rsp_return);
3398 
3399     return ready;
3400 }
3401 
3402 static void wait_for_calc_dirtyrate_complete(QTestState *who,
3403                                              int64_t time_s)
3404 {
3405     int max_try_count = 10000;
3406     usleep(time_s * 1000000);
3407 
3408     while (!calc_dirtyrate_ready(who) && max_try_count--) {
3409         usleep(1000);
3410     }
3411 
3412     /*
3413      * Set the timeout with 10 s(max_try_count * 1000us),
3414      * if dirtyrate measurement not complete, fail test.
3415      */
3416     g_assert_cmpint(max_try_count, !=, 0);
3417 }
3418 
3419 static int64_t get_dirty_rate(QTestState *who)
3420 {
3421     QDict *rsp_return;
3422     const char *status;
3423     QList *rates;
3424     const QListEntry *entry;
3425     QDict *rate;
3426     int64_t dirtyrate;
3427 
3428     rsp_return = query_dirty_rate(who);
3429     g_assert(rsp_return);
3430 
3431     status = qdict_get_str(rsp_return, "status");
3432     g_assert(status);
3433     g_assert_cmpstr(status, ==, "measured");
3434 
3435     rates = qdict_get_qlist(rsp_return, "vcpu-dirty-rate");
3436     g_assert(rates && !qlist_empty(rates));
3437 
3438     entry = qlist_first(rates);
3439     g_assert(entry);
3440 
3441     rate = qobject_to(QDict, qlist_entry_obj(entry));
3442     g_assert(rate);
3443 
3444     dirtyrate = qdict_get_try_int(rate, "dirty-rate", -1);
3445 
3446     qobject_unref(rsp_return);
3447     return dirtyrate;
3448 }
3449 
3450 static int64_t get_limit_rate(QTestState *who)
3451 {
3452     QDict *rsp_return;
3453     QList *rates;
3454     const QListEntry *entry;
3455     QDict *rate;
3456     int64_t dirtyrate;
3457 
3458     rsp_return = query_vcpu_dirty_limit(who);
3459     g_assert(rsp_return);
3460 
3461     rates = qdict_get_qlist(rsp_return, "return");
3462     g_assert(rates && !qlist_empty(rates));
3463 
3464     entry = qlist_first(rates);
3465     g_assert(entry);
3466 
3467     rate = qobject_to(QDict, qlist_entry_obj(entry));
3468     g_assert(rate);
3469 
3470     dirtyrate = qdict_get_try_int(rate, "limit-rate", -1);
3471 
3472     qobject_unref(rsp_return);
3473     return dirtyrate;
3474 }
3475 
3476 static QTestState *dirtylimit_start_vm(void)
3477 {
3478     QTestState *vm = NULL;
3479     g_autofree gchar *cmd = NULL;
3480 
3481     bootfile_create(tmpfs, false);
3482     cmd = g_strdup_printf("-accel kvm,dirty-ring-size=4096 "
3483                           "-name dirtylimit-test,debug-threads=on "
3484                           "-m 150M -smp 1 "
3485                           "-serial file:%s/vm_serial "
3486                           "-drive file=%s,format=raw ",
3487                           tmpfs, bootpath);
3488 
3489     vm = qtest_init(cmd);
3490     return vm;
3491 }
3492 
3493 static void dirtylimit_stop_vm(QTestState *vm)
3494 {
3495     qtest_quit(vm);
3496     cleanup("vm_serial");
3497 }
3498 
3499 static void test_vcpu_dirty_limit(void)
3500 {
3501     QTestState *vm;
3502     int64_t origin_rate;
3503     int64_t quota_rate;
3504     int64_t rate ;
3505     int max_try_count = 20;
3506     int hit = 0;
3507 
3508     /* Start vm for vcpu dirtylimit test */
3509     vm = dirtylimit_start_vm();
3510 
3511     /* Wait for the first serial output from the vm*/
3512     wait_for_serial("vm_serial");
3513 
3514     /* Do dirtyrate measurement with calc time equals 1s */
3515     calc_dirty_rate(vm, 1);
3516 
3517     /* Sleep calc time and wait for calc dirtyrate complete */
3518     wait_for_calc_dirtyrate_complete(vm, 1);
3519 
3520     /* Query original dirty page rate */
3521     origin_rate = get_dirty_rate(vm);
3522 
3523     /* VM booted from bootsect should dirty memory steadily */
3524     assert(origin_rate != 0);
3525 
3526     /* Setup quota dirty page rate at half of origin */
3527     quota_rate = origin_rate / 2;
3528 
3529     /* Set dirtylimit */
3530     dirtylimit_set_all(vm, quota_rate);
3531 
3532     /*
3533      * Check if set-vcpu-dirty-limit and query-vcpu-dirty-limit
3534      * works literally
3535      */
3536     g_assert_cmpint(quota_rate, ==, get_limit_rate(vm));
3537 
3538     /* Sleep a bit to check if it take effect */
3539     usleep(2000000);
3540 
3541     /*
3542      * Check if dirtylimit take effect realistically, set the
3543      * timeout with 20 s(max_try_count * 1s), if dirtylimit
3544      * doesn't take effect, fail test.
3545      */
3546     while (--max_try_count) {
3547         calc_dirty_rate(vm, 1);
3548         wait_for_calc_dirtyrate_complete(vm, 1);
3549         rate = get_dirty_rate(vm);
3550 
3551         /*
3552          * Assume hitting if current rate is less
3553          * than quota rate (within accepting error)
3554          */
3555         if (rate < (quota_rate + DIRTYLIMIT_TOLERANCE_RANGE)) {
3556             hit = 1;
3557             break;
3558         }
3559     }
3560 
3561     g_assert_cmpint(hit, ==, 1);
3562 
3563     hit = 0;
3564     max_try_count = 20;
3565 
3566     /* Check if dirtylimit cancellation take effect */
3567     cancel_vcpu_dirty_limit(vm);
3568     while (--max_try_count) {
3569         calc_dirty_rate(vm, 1);
3570         wait_for_calc_dirtyrate_complete(vm, 1);
3571         rate = get_dirty_rate(vm);
3572 
3573         /*
3574          * Assume dirtylimit be canceled if current rate is
3575          * greater than quota rate (within accepting error)
3576          */
3577         if (rate > (quota_rate + DIRTYLIMIT_TOLERANCE_RANGE)) {
3578             hit = 1;
3579             break;
3580         }
3581     }
3582 
3583     g_assert_cmpint(hit, ==, 1);
3584     dirtylimit_stop_vm(vm);
3585 }
3586 
3587 static void migrate_dirty_limit_wait_showup(QTestState *from,
3588                                             const int64_t period,
3589                                             const int64_t value)
3590 {
3591     /* Enable dirty limit capability */
3592     migrate_set_capability(from, "dirty-limit", true);
3593 
3594     /* Set dirty limit parameters */
3595     migrate_set_parameter_int(from, "x-vcpu-dirty-limit-period", period);
3596     migrate_set_parameter_int(from, "vcpu-dirty-limit", value);
3597 
3598     /* Make sure migrate can't converge */
3599     migrate_ensure_non_converge(from);
3600 
3601     /* To check limit rate after precopy */
3602     migrate_set_capability(from, "pause-before-switchover", true);
3603 
3604     /* Wait for the serial output from the source */
3605     wait_for_serial("src_serial");
3606 }
3607 
3608 /*
3609  * This test does:
3610  *  source                          destination
3611  *  start vm
3612  *                                  start incoming vm
3613  *  migrate
3614  *  wait dirty limit to begin
3615  *  cancel migrate
3616  *  cancellation check
3617  *                                  restart incoming vm
3618  *  migrate
3619  *  wait dirty limit to begin
3620  *  wait pre-switchover event
3621  *  convergence condition check
3622  *
3623  * And see if dirty limit migration works correctly.
3624  * This test case involves many passes, so it runs in slow mode only.
3625  */
3626 static void test_migrate_dirty_limit(void)
3627 {
3628     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
3629     QTestState *from, *to;
3630     int64_t remaining;
3631     uint64_t throttle_us_per_full;
3632     /*
3633      * We want the test to be stable and as fast as possible.
3634      * E.g., with 1Gb/s bandwidth migration may pass without dirty limit,
3635      * so we need to decrease a bandwidth.
3636      */
3637     const int64_t dirtylimit_period = 1000, dirtylimit_value = 50;
3638     const int64_t max_bandwidth = 400000000; /* ~400Mb/s */
3639     const int64_t downtime_limit = 250; /* 250ms */
3640     /*
3641      * We migrate through unix-socket (> 500Mb/s).
3642      * Thus, expected migration speed ~= bandwidth limit (< 500Mb/s).
3643      * So, we can predict expected_threshold
3644      */
3645     const int64_t expected_threshold = max_bandwidth * downtime_limit / 1000;
3646     int max_try_count = 10;
3647     MigrateCommon args = {
3648         .start = {
3649             .hide_stderr = true,
3650             .use_dirty_ring = true,
3651         },
3652         .listen_uri = uri,
3653         .connect_uri = uri,
3654     };
3655 
3656     /* Start src, dst vm */
3657     if (test_migrate_start(&from, &to, args.listen_uri, &args.start)) {
3658         return;
3659     }
3660 
3661     /* Prepare for dirty limit migration and wait src vm show up */
3662     migrate_dirty_limit_wait_showup(from, dirtylimit_period, dirtylimit_value);
3663 
3664     /* Start migrate */
3665     migrate_qmp(from, to, args.connect_uri, NULL, "{}");
3666 
3667     /* Wait for dirty limit throttle begin */
3668     throttle_us_per_full = 0;
3669     while (throttle_us_per_full == 0) {
3670         throttle_us_per_full =
3671         read_migrate_property_int(from, "dirty-limit-throttle-time-per-round");
3672         usleep(100);
3673         g_assert_false(src_state.stop_seen);
3674     }
3675 
3676     /* Now cancel migrate and wait for dirty limit throttle switch off */
3677     migrate_cancel(from);
3678     wait_for_migration_status(from, "cancelled", NULL);
3679 
3680     /* Check if dirty limit throttle switched off, set timeout 1ms */
3681     do {
3682         throttle_us_per_full =
3683         read_migrate_property_int(from, "dirty-limit-throttle-time-per-round");
3684         usleep(100);
3685         g_assert_false(src_state.stop_seen);
3686     } while (throttle_us_per_full != 0 && --max_try_count);
3687 
3688     /* Assert dirty limit is not in service */
3689     g_assert_cmpint(throttle_us_per_full, ==, 0);
3690 
3691     args = (MigrateCommon) {
3692         .start = {
3693             .only_target = true,
3694             .use_dirty_ring = true,
3695         },
3696         .listen_uri = uri,
3697         .connect_uri = uri,
3698     };
3699 
3700     /* Restart dst vm, src vm already show up so we needn't wait anymore */
3701     if (test_migrate_start(&from, &to, args.listen_uri, &args.start)) {
3702         return;
3703     }
3704 
3705     /* Start migrate */
3706     migrate_qmp(from, to, args.connect_uri, NULL, "{}");
3707 
3708     /* Wait for dirty limit throttle begin */
3709     throttle_us_per_full = 0;
3710     while (throttle_us_per_full == 0) {
3711         throttle_us_per_full =
3712         read_migrate_property_int(from, "dirty-limit-throttle-time-per-round");
3713         usleep(100);
3714         g_assert_false(src_state.stop_seen);
3715     }
3716 
3717     /*
3718      * The dirty limit rate should equals the return value of
3719      * query-vcpu-dirty-limit if dirty limit cap set
3720      */
3721     g_assert_cmpint(dirtylimit_value, ==, get_limit_rate(from));
3722 
3723     /* Now, we have tested if dirty limit works, let it converge */
3724     migrate_set_parameter_int(from, "downtime-limit", downtime_limit);
3725     migrate_set_parameter_int(from, "max-bandwidth", max_bandwidth);
3726 
3727     /*
3728      * Wait for pre-switchover status to check if migration
3729      * satisfy the convergence condition
3730      */
3731     wait_for_migration_status(from, "pre-switchover", NULL);
3732 
3733     remaining = read_ram_property_int(from, "remaining");
3734     g_assert_cmpint(remaining, <,
3735                     (expected_threshold + expected_threshold / 100));
3736 
3737     migrate_continue(from, "pre-switchover");
3738 
3739     qtest_qmp_eventwait(to, "RESUME");
3740 
3741     wait_for_serial("dest_serial");
3742     wait_for_migration_complete(from);
3743 
3744     test_migrate_end(from, to, true);
3745 }
3746 
3747 static bool kvm_dirty_ring_supported(void)
3748 {
3749 #if defined(__linux__) && defined(HOST_X86_64)
3750     int ret, kvm_fd = open("/dev/kvm", O_RDONLY);
3751 
3752     if (kvm_fd < 0) {
3753         return false;
3754     }
3755 
3756     ret = ioctl(kvm_fd, KVM_CHECK_EXTENSION, KVM_CAP_DIRTY_LOG_RING);
3757     close(kvm_fd);
3758 
3759     /* We test with 4096 slots */
3760     if (ret < 4096) {
3761         return false;
3762     }
3763 
3764     return true;
3765 #else
3766     return false;
3767 #endif
3768 }
3769 
3770 int main(int argc, char **argv)
3771 {
3772     bool has_kvm, has_tcg;
3773     bool has_uffd, is_x86;
3774     const char *arch;
3775     g_autoptr(GError) err = NULL;
3776     const char *qemu_src = getenv(QEMU_ENV_SRC);
3777     const char *qemu_dst = getenv(QEMU_ENV_DST);
3778     int ret;
3779 
3780     g_test_init(&argc, &argv, NULL);
3781 
3782     /*
3783      * The default QTEST_QEMU_BINARY must always be provided because
3784      * that is what helpers use to query the accel type and
3785      * architecture.
3786      */
3787     if (qemu_src && qemu_dst) {
3788         g_test_message("Only one of %s, %s is allowed",
3789                        QEMU_ENV_SRC, QEMU_ENV_DST);
3790         exit(1);
3791     }
3792 
3793     has_kvm = qtest_has_accel("kvm");
3794     has_tcg = qtest_has_accel("tcg");
3795 
3796     if (!has_tcg && !has_kvm) {
3797         g_test_skip("No KVM or TCG accelerator available");
3798         return 0;
3799     }
3800 
3801     has_uffd = ufd_version_check();
3802     arch = qtest_get_arch();
3803     is_x86 = !strcmp(arch, "i386") || !strcmp(arch, "x86_64");
3804 
3805     tmpfs = g_dir_make_tmp("migration-test-XXXXXX", &err);
3806     if (!tmpfs) {
3807         g_test_message("Can't create temporary directory in %s: %s",
3808                        g_get_tmp_dir(), err->message);
3809     }
3810     g_assert(tmpfs);
3811 
3812     module_call_init(MODULE_INIT_QOM);
3813 
3814     migration_test_add("/migration/bad_dest", test_baddest);
3815 #ifndef _WIN32
3816     migration_test_add("/migration/analyze-script", test_analyze_script);
3817 #endif
3818 
3819     if (is_x86) {
3820         migration_test_add("/migration/precopy/unix/suspend/live",
3821                            test_precopy_unix_suspend_live);
3822         migration_test_add("/migration/precopy/unix/suspend/notlive",
3823                            test_precopy_unix_suspend_notlive);
3824     }
3825 
3826     if (has_uffd) {
3827         migration_test_add("/migration/postcopy/plain", test_postcopy);
3828         migration_test_add("/migration/postcopy/recovery/plain",
3829                            test_postcopy_recovery);
3830         migration_test_add("/migration/postcopy/preempt/plain",
3831                            test_postcopy_preempt);
3832         migration_test_add("/migration/postcopy/preempt/recovery/plain",
3833                            test_postcopy_preempt_recovery);
3834         migration_test_add("/migration/postcopy/recovery/double-failures/handshake",
3835                            test_postcopy_recovery_fail_handshake);
3836         migration_test_add("/migration/postcopy/recovery/double-failures/reconnect",
3837                            test_postcopy_recovery_fail_reconnect);
3838         if (is_x86) {
3839             migration_test_add("/migration/postcopy/suspend",
3840                                test_postcopy_suspend);
3841         }
3842     }
3843 
3844     migration_test_add("/migration/precopy/unix/plain",
3845                        test_precopy_unix_plain);
3846     if (g_test_slow()) {
3847         migration_test_add("/migration/precopy/unix/xbzrle",
3848                            test_precopy_unix_xbzrle);
3849     }
3850     migration_test_add("/migration/precopy/file",
3851                        test_precopy_file);
3852     migration_test_add("/migration/precopy/file/offset",
3853                        test_precopy_file_offset);
3854 #ifndef _WIN32
3855     migration_test_add("/migration/precopy/file/offset/fdset",
3856                        test_precopy_file_offset_fdset);
3857 #endif
3858     migration_test_add("/migration/precopy/file/offset/bad",
3859                        test_precopy_file_offset_bad);
3860 
3861     /*
3862      * Our CI system has problems with shared memory.
3863      * Don't run this test until we find a workaround.
3864      */
3865     if (getenv("QEMU_TEST_FLAKY_TESTS")) {
3866         migration_test_add("/migration/mode/reboot", test_mode_reboot);
3867     }
3868 
3869     migration_test_add("/migration/precopy/file/mapped-ram",
3870                        test_precopy_file_mapped_ram);
3871     migration_test_add("/migration/precopy/file/mapped-ram/live",
3872                        test_precopy_file_mapped_ram_live);
3873 
3874     migration_test_add("/migration/multifd/file/mapped-ram",
3875                        test_multifd_file_mapped_ram);
3876     migration_test_add("/migration/multifd/file/mapped-ram/live",
3877                        test_multifd_file_mapped_ram_live);
3878 
3879     migration_test_add("/migration/multifd/file/mapped-ram/dio",
3880                        test_multifd_file_mapped_ram_dio);
3881 
3882 #ifndef _WIN32
3883     migration_test_add("/migration/multifd/file/mapped-ram/fdset",
3884                        test_multifd_file_mapped_ram_fdset);
3885     migration_test_add("/migration/multifd/file/mapped-ram/fdset/dio",
3886                        test_multifd_file_mapped_ram_fdset_dio);
3887 #endif
3888 
3889 #ifdef CONFIG_GNUTLS
3890     migration_test_add("/migration/precopy/unix/tls/psk",
3891                        test_precopy_unix_tls_psk);
3892 
3893     if (has_uffd) {
3894         /*
3895          * NOTE: psk test is enough for postcopy, as other types of TLS
3896          * channels are tested under precopy.  Here what we want to test is the
3897          * general postcopy path that has TLS channel enabled.
3898          */
3899         migration_test_add("/migration/postcopy/tls/psk",
3900                            test_postcopy_tls_psk);
3901         migration_test_add("/migration/postcopy/recovery/tls/psk",
3902                            test_postcopy_recovery_tls_psk);
3903         migration_test_add("/migration/postcopy/preempt/tls/psk",
3904                            test_postcopy_preempt_tls_psk);
3905         migration_test_add("/migration/postcopy/preempt/recovery/tls/psk",
3906                            test_postcopy_preempt_all);
3907     }
3908 #ifdef CONFIG_TASN1
3909     migration_test_add("/migration/precopy/unix/tls/x509/default-host",
3910                        test_precopy_unix_tls_x509_default_host);
3911     migration_test_add("/migration/precopy/unix/tls/x509/override-host",
3912                        test_precopy_unix_tls_x509_override_host);
3913 #endif /* CONFIG_TASN1 */
3914 #endif /* CONFIG_GNUTLS */
3915 
3916     migration_test_add("/migration/precopy/tcp/plain", test_precopy_tcp_plain);
3917 
3918     migration_test_add("/migration/precopy/tcp/plain/switchover-ack",
3919                        test_precopy_tcp_switchover_ack);
3920 
3921 #ifdef CONFIG_GNUTLS
3922     migration_test_add("/migration/precopy/tcp/tls/psk/match",
3923                        test_precopy_tcp_tls_psk_match);
3924     migration_test_add("/migration/precopy/tcp/tls/psk/mismatch",
3925                        test_precopy_tcp_tls_psk_mismatch);
3926 #ifdef CONFIG_TASN1
3927     migration_test_add("/migration/precopy/tcp/tls/x509/default-host",
3928                        test_precopy_tcp_tls_x509_default_host);
3929     migration_test_add("/migration/precopy/tcp/tls/x509/override-host",
3930                        test_precopy_tcp_tls_x509_override_host);
3931     migration_test_add("/migration/precopy/tcp/tls/x509/mismatch-host",
3932                        test_precopy_tcp_tls_x509_mismatch_host);
3933     migration_test_add("/migration/precopy/tcp/tls/x509/friendly-client",
3934                        test_precopy_tcp_tls_x509_friendly_client);
3935     migration_test_add("/migration/precopy/tcp/tls/x509/hostile-client",
3936                        test_precopy_tcp_tls_x509_hostile_client);
3937     migration_test_add("/migration/precopy/tcp/tls/x509/allow-anon-client",
3938                        test_precopy_tcp_tls_x509_allow_anon_client);
3939     migration_test_add("/migration/precopy/tcp/tls/x509/reject-anon-client",
3940                        test_precopy_tcp_tls_x509_reject_anon_client);
3941 #endif /* CONFIG_TASN1 */
3942 #endif /* CONFIG_GNUTLS */
3943 
3944     /* migration_test_add("/migration/ignore_shared", test_ignore_shared); */
3945 #ifndef _WIN32
3946     migration_test_add("/migration/precopy/fd/tcp",
3947                        test_migrate_precopy_fd_socket);
3948     migration_test_add("/migration/precopy/fd/file",
3949                        test_migrate_precopy_fd_file);
3950 #endif
3951     migration_test_add("/migration/validate_uuid", test_validate_uuid);
3952     migration_test_add("/migration/validate_uuid_error",
3953                        test_validate_uuid_error);
3954     migration_test_add("/migration/validate_uuid_src_not_set",
3955                        test_validate_uuid_src_not_set);
3956     migration_test_add("/migration/validate_uuid_dst_not_set",
3957                        test_validate_uuid_dst_not_set);
3958     migration_test_add("/migration/validate_uri/channels/both_set",
3959                        test_validate_uri_channels_both_set);
3960     migration_test_add("/migration/validate_uri/channels/none_set",
3961                        test_validate_uri_channels_none_set);
3962     /*
3963      * See explanation why this test is slow on function definition
3964      */
3965     if (g_test_slow()) {
3966         migration_test_add("/migration/auto_converge",
3967                            test_migrate_auto_converge);
3968         if (g_str_equal(arch, "x86_64") &&
3969             has_kvm && kvm_dirty_ring_supported()) {
3970             migration_test_add("/migration/dirty_limit",
3971                                test_migrate_dirty_limit);
3972         }
3973     }
3974     migration_test_add("/migration/multifd/tcp/uri/plain/none",
3975                        test_multifd_tcp_uri_none);
3976     migration_test_add("/migration/multifd/tcp/channels/plain/none",
3977                        test_multifd_tcp_channels_none);
3978     migration_test_add("/migration/multifd/tcp/plain/zero-page/legacy",
3979                        test_multifd_tcp_zero_page_legacy);
3980     migration_test_add("/migration/multifd/tcp/plain/zero-page/none",
3981                        test_multifd_tcp_no_zero_page);
3982     migration_test_add("/migration/multifd/tcp/plain/cancel",
3983                        test_multifd_tcp_cancel);
3984     migration_test_add("/migration/multifd/tcp/plain/zlib",
3985                        test_multifd_tcp_zlib);
3986 #ifdef CONFIG_ZSTD
3987     migration_test_add("/migration/multifd/tcp/plain/zstd",
3988                        test_multifd_tcp_zstd);
3989 #endif
3990 #ifdef CONFIG_QATZIP
3991     migration_test_add("/migration/multifd/tcp/plain/qatzip",
3992                 test_multifd_tcp_qatzip);
3993 #endif
3994 #ifdef CONFIG_QPL
3995     migration_test_add("/migration/multifd/tcp/plain/qpl",
3996                        test_multifd_tcp_qpl);
3997 #endif
3998 #ifdef CONFIG_UADK
3999     migration_test_add("/migration/multifd/tcp/plain/uadk",
4000                        test_multifd_tcp_uadk);
4001 #endif
4002 #ifdef CONFIG_GNUTLS
4003     migration_test_add("/migration/multifd/tcp/tls/psk/match",
4004                        test_multifd_tcp_tls_psk_match);
4005     migration_test_add("/migration/multifd/tcp/tls/psk/mismatch",
4006                        test_multifd_tcp_tls_psk_mismatch);
4007 #ifdef CONFIG_TASN1
4008     migration_test_add("/migration/multifd/tcp/tls/x509/default-host",
4009                        test_multifd_tcp_tls_x509_default_host);
4010     migration_test_add("/migration/multifd/tcp/tls/x509/override-host",
4011                        test_multifd_tcp_tls_x509_override_host);
4012     migration_test_add("/migration/multifd/tcp/tls/x509/mismatch-host",
4013                        test_multifd_tcp_tls_x509_mismatch_host);
4014     migration_test_add("/migration/multifd/tcp/tls/x509/allow-anon-client",
4015                        test_multifd_tcp_tls_x509_allow_anon_client);
4016     migration_test_add("/migration/multifd/tcp/tls/x509/reject-anon-client",
4017                        test_multifd_tcp_tls_x509_reject_anon_client);
4018 #endif /* CONFIG_TASN1 */
4019 #endif /* CONFIG_GNUTLS */
4020 
4021     if (g_str_equal(arch, "x86_64") && has_kvm && kvm_dirty_ring_supported()) {
4022         migration_test_add("/migration/dirty_ring",
4023                            test_precopy_unix_dirty_ring);
4024         if (qtest_has_machine("pc") && g_test_slow()) {
4025             migration_test_add("/migration/vcpu_dirty_limit",
4026                                test_vcpu_dirty_limit);
4027         }
4028     }
4029 
4030     ret = g_test_run();
4031 
4032     g_assert_cmpint(ret, ==, 0);
4033 
4034     bootfile_delete();
4035     ret = rmdir(tmpfs);
4036     if (ret != 0) {
4037         g_test_message("unable to rmdir: path (%s): %s",
4038                        tmpfs, strerror(errno));
4039     }
4040     g_free(tmpfs);
4041 
4042     return ret;
4043 }
4044