Implement circuitmux_assert_okay() and helper functions in circuitmux.c

src/or/circuitmux.c

@@ -110,6 +110,8 @@ struct circuit_muxinfo_s {
   cell_direction_t direction;
   /* Policy-specific data */
   circuitmux_policy_circ_data_t *policy_data;
+  /* Mark bit for consistency checker */
+  unsigned int mark:1;
 };
 
 /*
@@ -148,6 +150,9 @@ static INLINE circuit_t **
 circuitmux_next_active_circ_p(circuitmux_t *cmux, circuit_t *circ);
 static INLINE circuit_t **
 circuitmux_prev_active_circ_p(circuitmux_t *cmux, circuit_t *circ);
+static void circuitmux_assert_okay_pass_one(circuitmux_t *cmux);
+static void circuitmux_assert_okay_pass_two(circuitmux_t *cmux);
+static void circuitmux_assert_okay_pass_three(circuitmux_t *cmux);
 
 /* Function definitions */
 
@@ -1346,3 +1351,284 @@ circuitmux_notify_xmit_cells(circuitmux_t *cmux, circuit_t *circ,
   }
 }
 
+/*
+ * Circuitmux consistency checking assertions
+ */
+
+/**
+ * Check that circuitmux data structures are consistent and fail with an
+ * assert if not.
+ */
+
+void
+circuitmux_assert_okay(circuitmux_t *cmux)
+{
+  tor_assert(cmux);
+
+  /*
+   * Pass 1: iterate the hash table; for each entry:
+   *  a) Check that the circuit has this cmux for n_mux or p_mux
+   *  b) If the cell_count is > 0, set the mark bit; otherwise clear it
+   *  c) Also check activeness (cell_count > 0 should be active)
+   *  d) Count the number of circuits, active circuits and queued cells
+   *     and at the end check that they match the counters in the cmux.
+   *
+   * Pass 2: iterate the active circuits list; for each entry,
+   *         make sure the circuit is attached to this mux and appears
+   *         in the hash table.  Make sure the mark bit is 1, and clear
+   *         it in the hash table entry.  Consistency-check the linked
+   *         list pointers.
+   *
+   * Pass 3: iterate the hash table again; assert if any active circuits
+   *         (mark bit set to 1) are discovered that weren't cleared in pass 2
+   *         (don't appear in the linked list).
+   */
+
+  circuitmux_assert_okay_pass_one(cmux);
+  circuitmux_assert_okay_pass_two(cmux);
+  circuitmux_assert_okay_pass_three(cmux);
+}
+
+/**
+ * Do the first pass of circuitmux_assert_okay(); see the comment in that
+ * function.
+ */
+
+static void
+circuitmux_assert_okay_pass_one(circuitmux_t *cmux)
+{
+  chanid_circid_muxinfo_t **i = NULL;
+  uint64_t chan_id;
+  channel_t *chan;
+  circid_t circ_id;
+  circuit_t *circ;
+  or_circuit_t *or_circ;
+  unsigned int circ_is_active;
+  circuit_t **next_p, **prev_p;
+  unsigned int n_circuits, n_active_circuits, n_cells;
+
+  tor_assert(cmux);
+  tor_assert(cmux->chanid_circid_map);
+
+  /* Reset the counters */
+  n_circuits = n_active_circuits = n_cells = 0;
+  /* Start iterating the hash table */
+  i = HT_START(chanid_circid_muxinfo_map, cmux->chanid_circid_map);
+  while (i) {
+    /* Assert that the hash table entry isn't null */
+    tor_assert(*i);
+
+    /* Get the channel and circuit id */
+    chan_id = (*i)->chan_id;
+    circ_id = (*i)->circ_id;
+
+    /* Find the channel and circuit, assert that they exist */
+    chan = channel_find_by_global_id(chan_id);
+    tor_assert(chan);
+    circ = circuit_get_by_circid_channel(circ_id, chan);
+    tor_assert(circ);
+
+    /* Clear the circ_is_active bit to start */
+    circ_is_active = 0;
+
+    /* Assert that we know which direction this is going */
+    tor_assert((*i)->muxinfo.direction == CELL_DIRECTION_OUT ||
+               (*i)->muxinfo.direction == CELL_DIRECTION_IN);
+
+    if ((*i)->muxinfo.direction == CELL_DIRECTION_OUT) {
+      /* We should be n_mux on this circuit */
+      tor_assert(cmux == circ->n_mux);
+      tor_assert(chan == circ->n_chan);
+      /* Get next and prev for next test */
+      next_p = &(circ->next_active_on_n_chan);
+      prev_p = &(circ->prev_active_on_n_chan);
+    } else {
+      /* This should be an or_circuit_t and we should be p_mux */
+      or_circ = TO_OR_CIRCUIT(circ);
+      tor_assert(cmux == or_circ->p_mux);
+      tor_assert(chan == or_circ->p_chan);
+      /* Get next and prev for next test */
+      next_p = &(or_circ->next_active_on_p_chan);
+      prev_p = &(or_circ->prev_active_on_p_chan);
+    }
+
+    /*
+     * Should this circuit be active?  I.e., does the mux know about > 0
+     * cells on it?
+     */
+    circ_is_active = ((*i)->muxinfo.cell_count > 0);
+
+    /* It should be in the linked list iff it's active */
+    if (circ_is_active) {
+      /* Either we have a next link or we are the tail */
+      tor_assert(*next_p || (circ == cmux->active_circuits_tail));
+      /* Either we have a prev link or we are the head */
+      tor_assert(*prev_p || (circ == cmux->active_circuits_head));
+      /* Increment the active circuits counter */
+      ++n_active_circuits;
+    } else {
+      /* Shouldn't be in list, so no next or prev link */
+      tor_assert(!(*next_p));
+      tor_assert(!(*prev_p));
+      /* And can't be head or tail */
+      tor_assert(circ != cmux->active_circuits_head);
+      tor_assert(circ != cmux->active_circuits_tail);
+    }
+
+    /* Increment the circuits counter */
+    ++n_circuits;
+    /* Adjust the cell counter */
+    n_cells += (*i)->muxinfo.cell_count;
+
+    /* Set the mark bit to circ_is_active */
+    (*i)->muxinfo.mark = circ_is_active;
+
+    /* Advance to the next entry */
+    i = HT_NEXT(chanid_circid_muxinfo_map, cmux->chanid_circid_map, i);
+  }
+
+  /* Now check the counters */
+  tor_assert(n_cells == cmux->n_cells);
+  tor_assert(n_circuits == cmux->n_circuits);
+  tor_assert(n_active_circuits == cmux->n_active_circuits);
+}
+
+/**
+ * Do the second pass of circuitmux_assert_okay(); see the comment in that
+ * function.
+ */
+
+static void
+circuitmux_assert_okay_pass_two(circuitmux_t *cmux)
+{
+  circuit_t *curr_circ, *prev_circ = NULL, *next_circ;
+  or_circuit_t *curr_or_circ;
+  uint64_t curr_chan_id;
+  circid_t curr_circ_id;
+  circuit_t **next_p, **prev_p;
+  channel_t *chan;
+  unsigned int n_active_circuits = 0;
+  cell_direction_t direction;
+  chanid_circid_muxinfo_t search, *hashent = NULL;
+
+  tor_assert(cmux);
+  tor_assert(cmux->chanid_circid_map);
+
+  /*
+   * Walk the linked list of active circuits in cmux; keep track of the
+   * previous circuit seen for consistency checking purposes.  Count them
+   * to make sure the number in the linked list matches
+   * cmux->n_active_circuits.
+   */
+  curr_circ = cmux->active_circuits_head;
+  while (curr_circ) {
+    /* Reset some things */
+    chan = NULL;
+    curr_or_circ = NULL;
+    next_circ = NULL;
+    next_p = prev_p = NULL;
+    direction = 0;
+
+    /* Figure out if this is n_mux or p_mux */
+    if (cmux == curr_circ->n_mux) {
+      /* Get next_p and prev_p */
+      next_p = &(curr_circ->next_active_on_n_chan);
+      prev_p = &(curr_circ->prev_active_on_n_chan);
+      /* Get the channel */
+      chan = curr_circ->n_chan;
+      /* Get the circuit id */
+      curr_circ_id = curr_circ->n_circ_id;
+      /* Remember the direction */
+      direction = CELL_DIRECTION_OUT;
+    } else {
+      /* We must be p_mux and this must be an or_circuit_t */
+      curr_or_circ = TO_OR_CIRCUIT(curr_circ);
+      tor_assert(cmux == curr_or_circ->p_mux);
+      /* Get next_p and prev_p */
+      next_p = &(curr_or_circ->next_active_on_p_chan);
+      prev_p = &(curr_or_circ->prev_active_on_p_chan);
+      /* Get the channel */
+      chan = curr_or_circ->p_chan;
+      /* Get the circuit id */
+      curr_circ_id = curr_or_circ->p_circ_id;
+      /* Remember the direction */
+      direction = CELL_DIRECTION_IN;
+    }
+
+    /* Assert that we got a channel and get the channel ID */
+    tor_assert(chan);
+    curr_chan_id = chan->global_identifier;
+
+    /* Assert that prev_p points to last circuit we saw */
+    tor_assert(*prev_p == prev_circ);
+    /* If that's NULL, assert that we are the head */
+    if (!(*prev_p)) tor_assert(curr_circ == cmux->active_circuits_head);
+
+    /* Get the next circuit */
+    next_circ = *next_p;
+    /* If it's NULL, assert that we are the tail */
+    if (!(*next_p)) tor_assert(curr_circ == cmux->active_circuits_tail);
+
+    /* Now find the hash table entry for this circuit */
+    search.chan_id = curr_chan_id;
+    search.circ_id = curr_circ_id;
+    hashent = HT_FIND(chanid_circid_muxinfo_map, cmux->chanid_circid_map,
+                      &search);
+
+    /* Assert that we have one */
+    tor_assert(hashent);
+
+    /* Assert that the direction matches */
+    tor_assert(direction == hashent->muxinfo.direction);
+
+    /* Assert that the hash entry got marked in pass one */
+    tor_assert(hashent->muxinfo.mark);
+
+    /* Clear the mark */
+    hashent->muxinfo.mark = 0;
+
+    /* Increment the counter */
+    ++n_active_circuits;
+
+    /* Advance to the next active circuit and update prev_circ */
+    prev_circ = curr_circ;
+    curr_circ = next_circ;
+  }
+
+  /* Assert that the counter matches the cmux */
+  tor_assert(n_active_circuits == cmux->n_active_circuits);
+}
+
+/**
+ * Do the third pass of circuitmux_assert_okay(); see the comment in that
+ * function.
+ */
+
+static void
+circuitmux_assert_okay_pass_three(circuitmux_t *cmux)
+{
+  chanid_circid_muxinfo_t **i = NULL;
+
+  tor_assert(cmux);
+  tor_assert(cmux->chanid_circid_map);
+
+  /* Start iterating the hash table */
+  i = HT_START(chanid_circid_muxinfo_map, cmux->chanid_circid_map);
+
+  /* Advance through each entry */
+  while (i) {
+    /* Assert that it isn't null */
+    tor_assert(*i);
+
+    /*
+     * Assert that this entry is not marked - i.e., that either we didn't
+     * think it should be active in pass one or we saw it in the active
+     * circuits linked list.
+     */
+    tor_assert(!((*i)->muxinfo.mark));
+
+    /* Advance to the next entry */
+    i = HT_NEXT(chanid_circid_muxinfo_map, cmux->chanid_circid_map, i);
+  }
+}
+