/*
 * This file and its contents are supplied under the terms of the
 * Common Development and Distribution License ("CDDL"), version 1.0.
 * You may only use this file in accordance with the terms of version
 * 1.0 of the CDDL.
 *
 * A full copy of the text of the CDDL should have accompanied this
 * source.  A copy of the CDDL is also available via the Internet at
 * http://www.illumos.org/license/CDDL.
 */

/*
 * Copyright 2024 Oxide Computer Company
 */

/*
 * The purpose of this test is to ensure that we honor several aspects of our
 * lock ordering. In particular we want to validate the following our starvation
 * properties, that is that blocking writers should take priority ahead of
 * blocking readers and that the controller lock takes priority over various
 * namespace locks. While we test all kinds of locks here, we only use the
 * controller fd here to simplify the test design.
 *
 * To do this, we utilize our blocking locks. In particular, we take a first
 * lock and then spin up threads that should all block on that. To deal with the
 * inherit race of knowing when a thread is blocked or not, we utilize libproc
 * and wait until the thread has the PR_ASLEEP flag set and that it's in an
 * ioctl system call. This ensures that the folks that are present are added in
 * the appropriate order.
 */

#include <err.h>
#include <stdlib.h>
#include <unistd.h>
#include <stdbool.h>
#include <sys/sysmacros.h>
#include <sys/debug.h>
#include <thread.h>
#include <synch.h>
#include <strings.h>

#include "nvme_ioctl_util.h"

/*
 * Maximum number of threads that we'll spin up for locks.
 */
#define	MAX_LOCKS	10

typedef struct {
	thread_t loi_thread;
	const nvme_ioctl_lock_t *loi_lock;
} lock_order_info_t;

static mutex_t lock_mutex;
static lock_order_info_t lock_results[MAX_LOCKS];
static uint32_t lock_nextres;
static bool lock_valid;

typedef struct lock_order_test lock_order_test_t;
typedef bool (*lock_order_valif_f)(const lock_order_test_t *, uint32_t);

struct lock_order_test {
	const char *lot_desc;
	const nvme_ioctl_lock_t *lot_initlock;
	const nvme_ioctl_lock_t *lot_locks[MAX_LOCKS];
	lock_order_valif_f lot_verif;
};

static void
lock_verify_dump(void)
{
	for (size_t i = 0; i < lock_nextres; i++) {
		const nvme_ioctl_lock_t *lock = lock_results[i].loi_lock;
		const char *targ = lock->nil_ent == NVME_LOCK_E_CTRL ?
		    "controller" : "namespace";
		const char *level = lock->nil_level == NVME_LOCK_L_READ ?
		    "read" : "write";
		(void) printf("\t[%zu] = { %s, %s }\n", i, targ, level);
	}
}

/*
 * Verify that a given number of writers in the test are all found ahead of any
 * readers found in the test.
 */
static bool
lock_verify_write_before_read(const lock_order_test_t *test, uint32_t nthr)
{
	bool pass = true;
	size_t nwrite = 0;
	size_t nread = 0;

	for (size_t i = 0; i < MAX_LOCKS; i++) {
		if (test->lot_locks[i] == NULL)
			break;
		if (test->lot_locks[i]->nil_level == NVME_LOCK_L_READ) {
			nread++;
		} else {
			nwrite++;
		}
	}
	VERIFY3U(nwrite + nread, ==, nthr);

	mutex_enter(&lock_mutex);
	for (size_t i = 0; i < nthr; i++) {
		nvme_lock_level_t exp_level;
		const char *str;
		const lock_order_info_t *res = &lock_results[i];

		if (nwrite > 0) {
			exp_level = NVME_LOCK_L_WRITE;
			str = "WRITE";
			nwrite--;
		} else {
			exp_level = NVME_LOCK_L_READ;
			str = "READ";
			nread--;
		}

		if (exp_level != res->loi_lock->nil_level) {
			pass = false;
			warnx("TEST FAILED: %s: lock %zu (tid %u, ent %u, "
			    "level %u) was the wrong level, expected level %u "
			    "(%s)", test->lot_desc, i, res->loi_thread,
			    res->loi_lock->nil_ent, res->loi_lock->nil_level,
			    exp_level, str);
		}
	}
	VERIFY3U(nwrite, ==, 0);
	VERIFY3U(nread, ==, 0);

	if (!pass) {
		lock_verify_dump();
	}
	mutex_exit(&lock_mutex);

	return (pass);
}

/*
 * This verifies that all controller level locks should come in the order before
 * the namespace locks. Note, this also calls the write before read checks and
 * therefore assumes that we have an ordering that supports that.
 */
static bool
lock_verify_ctrl_before_ns(const lock_order_test_t *test, uint32_t nthr)
{
	bool pass = true;
	size_t nctrl = 0;
	size_t nns = 0;

	for (size_t i = 0; i < MAX_LOCKS; i++) {
		if (test->lot_locks[i] == NULL)
			break;
		if (test->lot_locks[i]->nil_ent == NVME_LOCK_E_CTRL) {
			nctrl++;
		} else {
			nns++;
		}
	}
	VERIFY3U(nctrl + nns, ==, nthr);

	mutex_enter(&lock_mutex);
	for (size_t i = 0; i < nthr; i++) {
		nvme_lock_ent_t exp_ent;
		const char *str;
		const lock_order_info_t *res = &lock_results[i];

		if (nctrl > 0) {
			exp_ent = NVME_LOCK_E_CTRL;
			str = "ctrl";
			nctrl--;
		} else {
			exp_ent = NVME_LOCK_E_NS;
			str = "ns";
			nns--;
		}

		if (exp_ent != res->loi_lock->nil_ent) {
			pass = false;
			warnx("TEST FAILED: %s: lock %zu (tid %u, ent %u, "
			    "level %u) was the wrong entity, expected type %u "
			    "(%s)", test->lot_desc, i, res->loi_thread,
			    res->loi_lock->nil_ent, res->loi_lock->nil_level,
			    exp_ent, str);
		}
	}

	VERIFY3U(nctrl, ==, 0);
	VERIFY3U(nns, ==, 0);

	if (!pass) {
		lock_verify_dump();
	}
	mutex_exit(&lock_mutex);

	return (pass);
}

static bool
lock_verif_ent_level(const lock_order_test_t *test, uint32_t nthr)
{
	bool pass = true;

	if (!lock_verify_ctrl_before_ns(test, nthr))
		pass = false;
	if (!lock_verify_write_before_read(test, nthr))
		pass = false;
	return (pass);
}

/*
 * The descriptions below are fashioned with the starting lock followed by what
 * order we're testing.
 */
static const lock_order_test_t lock_order_tests[] = { {
	.lot_desc = "ns(rd): pending ns writer doesn't allow more ns readers",
	.lot_initlock = &nvme_test_ns_rdlock,
	.lot_locks = { &nvme_test_ns_wrlock, &nvme_test_ns_rdlock },
	.lot_verif = lock_verify_write_before_read,
}, {
	.lot_desc = "ns(wr): pending ns writer beats waiting ns reader",
	.lot_initlock = &nvme_test_ns_wrlock,
	.lot_locks = { &nvme_test_ns_rdlock, &nvme_test_ns_wrlock },
	.lot_verif = lock_verify_write_before_read,
}, {
	.lot_desc = "ns(rd): all pend ns writers beat prior pend readers",
	.lot_initlock = &nvme_test_ns_rdlock,
	.lot_locks = { &nvme_test_ns_wrlock, &nvme_test_ns_rdlock,
	    &nvme_test_ns_rdlock, &nvme_test_ns_wrlock, &nvme_test_ns_rdlock,
	    &nvme_test_ns_wrlock },
	.lot_verif = lock_verify_write_before_read,
}, {
	.lot_desc = "ns(rd): pending ctrl writer doesn't allow more ns readers",
	.lot_initlock = &nvme_test_ns_rdlock,
	.lot_locks = { &nvme_test_ctrl_wrlock, &nvme_test_ns_rdlock,
	    &nvme_test_ns_rdlock },
	.lot_verif = lock_verify_write_before_read,
}, {
	.lot_desc = "ns(wr): pending ctrl writer beats prior pend ns readers",
	.lot_initlock = &nvme_test_ns_wrlock,
	.lot_locks = { &nvme_test_ns_rdlock, &nvme_test_ns_rdlock,
	    &nvme_test_ctrl_wrlock, &nvme_test_ns_rdlock },
	.lot_verif = lock_verify_write_before_read,
}, {
	.lot_desc = "ns(rd): pending ctrl writer doesn't allow ctrl readers",
	.lot_initlock = &nvme_test_ns_rdlock,
	.lot_locks = { &nvme_test_ctrl_wrlock, &nvme_test_ctrl_rdlock,
	    &nvme_test_ctrl_rdlock },
	.lot_verif = lock_verify_write_before_read,
}, {
	.lot_desc = "ns(rd): pending ctrl writer beats pending ns writer "
	    "and readers",
	.lot_initlock = &nvme_test_ns_rdlock,
	.lot_locks = { &nvme_test_ns_wrlock, &nvme_test_ns_rdlock,
	    &nvme_test_ctrl_wrlock, &nvme_test_ctrl_rdlock },
	.lot_verif = lock_verify_ctrl_before_ns,
}, {
	.lot_desc = "ctrl(rd): pending ctrl writer blocks ns read",
	.lot_initlock = &nvme_test_ctrl_rdlock,
	.lot_locks = { &nvme_test_ctrl_wrlock, &nvme_test_ns_rdlock,
	    &nvme_test_ns_rdlock },
	.lot_verif = lock_verif_ent_level,
}, {
	.lot_desc = "ctrl(rd): pending ctrl writer blocks ns writer",
	.lot_initlock = &nvme_test_ctrl_rdlock,
	.lot_locks = { &nvme_test_ctrl_wrlock, &nvme_test_ns_wrlock },
	.lot_verif = lock_verif_ent_level,
}, {
	.lot_desc = "ctrl(rd): pending ctrl writer blocks ctrl reader",
	.lot_initlock = &nvme_test_ctrl_rdlock,
	.lot_locks = { &nvme_test_ctrl_wrlock, &nvme_test_ctrl_rdlock },
	.lot_verif = lock_verify_write_before_read,
}, {
	.lot_desc = "ctrl(wr): ctrl writer beats all pending readers",
	.lot_initlock = &nvme_test_ctrl_wrlock,
	.lot_locks = { &nvme_test_ctrl_rdlock, &nvme_test_ctrl_rdlock,
	    &nvme_test_ns_rdlock, &nvme_test_ns_rdlock,
	    &nvme_test_ctrl_wrlock },
	.lot_verif = lock_verify_write_before_read,
}, {
	.lot_desc = "ctrl(wr): ns writer beats all pending ns readers",
	.lot_initlock = &nvme_test_ctrl_wrlock,
	.lot_locks = { &nvme_test_ns_rdlock, &nvme_test_ns_rdlock,
	    &nvme_test_ns_wrlock, &nvme_test_ns_rdlock, &nvme_test_ns_wrlock },
	.lot_verif = lock_verify_write_before_read,
} };

static void *
lock_thread(void *arg)
{
	const nvme_ioctl_lock_t *tmpl = arg;
	nvme_ioctl_lock_t lock = *tmpl;
	int ctrlfd = nvme_ioctl_test_get_fd(0);
	const char *targ = tmpl->nil_ent == NVME_LOCK_E_CTRL ?
	    "controller" : "namespace";
	const char *level = tmpl->nil_level == NVME_LOCK_L_READ ?
	    "read" : "write";

	lock.nil_flags &= ~NVME_LOCK_F_DONT_BLOCK;
	nvme_ioctl_test_lock(ctrlfd, &lock);

	mutex_enter(&lock_mutex);
	if (!lock_valid) {
		errx(EXIT_FAILURE, "TEST FAILED: thread 0x%x managed to return "
		    "with held %s %s lock before main thread unlocked: test "
		    "cannot continue", thr_self(), targ, level);
	}
	VERIFY3U(lock_nextres, <, MAX_LOCKS);
	lock_results[lock_nextres].loi_thread = thr_self();
	lock_results[lock_nextres].loi_lock = tmpl;
	lock_nextres++;
	mutex_exit(&lock_mutex);

	VERIFY0(close(ctrlfd));

	thr_exit(NULL);
}

static bool
lock_order_test(const lock_order_test_t *test)
{
	int ctrlfd;
	uint32_t nthr = 0;
	thread_t thrids[MAX_LOCKS];

	/*
	 * Ensure we have whatever lock we intend to create ahead of doing
	 * anything else.
	 */
	ctrlfd = nvme_ioctl_test_get_fd(0);
	nvme_ioctl_test_lock(ctrlfd, test->lot_initlock);

	mutex_enter(&lock_mutex);
	(void) memset(&lock_results, 0, sizeof (lock_results));
	lock_nextres = 0;
	lock_valid = false;
	mutex_exit(&lock_mutex);

	for (uint32_t i = 0; i < MAX_LOCKS; i++, nthr++) {
		int err;

		if (test->lot_locks[i] == NULL)
			break;

		err = thr_create(NULL, 0, lock_thread,
		    (void *)test->lot_locks[i], 0, &thrids[i]);
		if (err != 0) {
			errc(EXIT_FAILURE, err, "TEST FAILED: %s: cannot "
			    "continue because we failed to create thread %u",
			    test->lot_desc, i);
		}

		while (!nvme_ioctl_test_thr_blocked(thrids[i])) {
			struct timespec sleep;

			sleep.tv_sec = 0;
			sleep.tv_nsec = MSEC2NSEC(10);
			(void) nanosleep(&sleep, NULL);
		}
	}

	/*
	 * Now that all threads have been launched, close our fd to allow them
	 * to run loose and wait for them. Indicate to them that now it is okay
	 * to get the lock.
	 */
	mutex_enter(&lock_mutex);
	lock_valid = true;
	mutex_exit(&lock_mutex);
	VERIFY0(close(ctrlfd));
	for (uint32_t i = 0; i < nthr; i++) {
		int err = thr_join(thrids[i], NULL, NULL);
		if (err != 0) {
			errc(EXIT_FAILURE, err, "TEST FAILED: %s: cannot "
			    "continue because we failed to join thread %u",
			    test->lot_desc, i);
		}
	}
	mutex_enter(&lock_mutex);
	VERIFY3U(lock_nextres, ==, nthr);
	mutex_exit(&lock_mutex);

	if (test->lot_verif(test, nthr)) {
		(void) printf("TEST PASSED: %s\n", test->lot_desc);
		return (true);
	}

	return (false);
}

int
main(void)
{
	int ret = EXIT_SUCCESS;

	VERIFY0(mutex_init(&lock_mutex, USYNC_THREAD | LOCK_ERRORCHECK, NULL));

	for (size_t i = 0; i < ARRAY_SIZE(lock_order_tests); i++) {
		if (!lock_order_test(&lock_order_tests[i])) {
			ret = EXIT_FAILURE;
		}
	}

	VERIFY0(mutex_destroy(&lock_mutex));
	return (ret);
}