As the only way (that I can think of), of "iterating over a %hash" is for my $key (keys %hash) { ... }, or one the essentially similar variations, the rule about not modifying your iterator whilst in a loop doesn't really apply in as much as, the iterator is iterating a list generated by the keys %hash code. So, if you choose to delete an element of the hash using delete $hash{$key}; whilst in the loop, you haven't modified the list in anyway, so I don't see any reason why you should not do this in one pass rather than two.

Without seeing the underlying logic and code, it's not possible to be certain that its safe to run your grammer and contents validations in the same pass, but I can't see any reasons why you shouldn't.

The only thing you really need to ensure is that you don't delete a complete lower level hash until all passes have been there and looked. This would be considerably easier in one pass than in 4 I think.

You might need to add some defensive if exists .... and/or if defined .... checks in there somewhere if you don't already have them.

I think I would definately try for the 1 pass method.