 @@ -1,1828 +1,1830 @@
-/*	$NetBSD: kern_descrip.c,v 1.199 2009/08/16 11:00:20 yamt Exp $	*/
+/*	$NetBSD: kern_descrip.c,v 1.200 2009/10/27 02:58:28 rmind Exp $	*/
 /*-
  * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
  * All rights reserved.
+ *
  * This code is derived from software contributed to The NetBSD Foundation
  * by Andrew Doran.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
 /*
  * Copyright (c) 1982, 1986, 1989, 1991, 1993
  *	The Regents of the University of California.  All rights reserved.
  * (c) UNIX System Laboratories, Inc.
  * All or some portions of this file are derived from material licensed
  * to the University of California by American Telephone and Telegraph
  * Co. or Unix System Laboratories, Inc. and are reproduced herein with
  * the permission of UNIX System Laboratories, Inc.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. Neither the name of the University nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
  *	@(#)kern_descrip.c	8.8 (Berkeley) 2/14/95
  */
 /*
  * File descriptor management.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.199 2009/08/16 11:00:20 yamt Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.200 2009/10/27 02:58:28 rmind Exp $");
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/filedesc.h>
 #include <sys/kernel.h>
 #include <sys/proc.h>
 #include <sys/file.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
 #include <sys/stat.h>
 #include <sys/ioctl.h>
 #include <sys/fcntl.h>
 #include <sys/pool.h>
 #include <sys/unistd.h>
 #include <sys/resourcevar.h>
 #include <sys/conf.h>
 #include <sys/event.h>
 #include <sys/kauth.h>
 #include <sys/atomic.h>
 #include <sys/syscallargs.h>
 #include <sys/cpu.h>
 #include <sys/kmem.h>
 #include <sys/vnode.h>
 static int	file_ctor(void *, void *, int);
 static void	file_dtor(void *, void *);
 static int	fdfile_ctor(void *, void *, int);
 static void	fdfile_dtor(void *, void *);
 static int	filedesc_ctor(void *, void *, int);
 static void	filedesc_dtor(void *, void *);
 static int	filedescopen(dev_t, int, int, lwp_t *);
 kmutex_t	filelist_lock;	/* lock on filehead */
 struct filelist	filehead;	/* head of list of open files */
 u_int		nfiles;		/* actual number of open files */
 static pool_cache_t filedesc_cache;
 static pool_cache_t file_cache;
 static pool_cache_t fdfile_cache;
 const struct cdevsw filedesc_cdevsw = {
 	filedescopen, noclose, noread, nowrite, noioctl,
 	nostop, notty, nopoll, nommap, nokqfilter, D_OTHER | D_MPSAFE,
 };
 /* For ease of reading. */
 __strong_alias(fd_putvnode,fd_putfile)
 __strong_alias(fd_putsock,fd_putfile)
 /*
  * Initialize the descriptor system.
  */
 void
 fd_sys_init(void)
+{
 	mutex_init(&filelist_lock, MUTEX_DEFAULT, IPL_NONE);
 	file_cache = pool_cache_init(sizeof(file_t), coherency_unit, 0,
 , "file", NULL, IPL_NONE, file_ctor, file_dtor, NULL);
 	KASSERT(file_cache != NULL);
 	fdfile_cache = pool_cache_init(sizeof(fdfile_t), coherency_unit, 0,
 	    PR_LARGECACHE, "fdfile", NULL, IPL_NONE, fdfile_ctor, fdfile_dtor,
 	    NULL);
 	KASSERT(fdfile_cache != NULL);
 	filedesc_cache = pool_cache_init(sizeof(filedesc_t), coherency_unit,
 , 0, "filedesc", NULL, IPL_NONE, filedesc_ctor, filedesc_dtor,
 	    NULL);
 	KASSERT(filedesc_cache != NULL);
+}
 static bool
 fd_isused(filedesc_t *fdp, unsigned fd)
+{
 	u_int off = fd >> NDENTRYSHIFT;
 	KASSERT(fd < fdp->fd_dt->dt_nfiles);
 	return (fdp->fd_lomap[off] & (1 << (fd & NDENTRYMASK))) != 0;
+}
 /*
  * Verify that the bitmaps match the descriptor table.
  */
 static inline void
 fd_checkmaps(filedesc_t *fdp)
+{
 #ifdef DEBUG
 	fdtab_t *dt;
 	u_int fd;
 	dt = fdp->fd_dt;
 	if (fdp->fd_refcnt == -1) {
 		/*
 		 * fd_free tears down the table without maintaining its bitmap.
 		 */
 		return;
+	}
 	for (fd = 0; fd < dt->dt_nfiles; fd++) {
 		if (fd < NDFDFILE) {
 			KASSERT(dt->dt_ff[fd] ==
 			    (fdfile_t *)fdp->fd_dfdfile[fd]);
+		}
 		if (dt->dt_ff[fd] == NULL) {
 			KASSERT(!fd_isused(fdp, fd));
 		} else if (dt->dt_ff[fd]->ff_file != NULL) {
 			KASSERT(fd_isused(fdp, fd));
+		}
+	}
 #else	/* DEBUG */
 	/* nothing */
 #endif	/* DEBUG */
+}
 static int
 fd_next_zero(filedesc_t *fdp, uint32_t *bitmap, int want, u_int bits)
+{
 	int i, off, maxoff;
 	uint32_t sub;
 	KASSERT(mutex_owned(&fdp->fd_lock));
 	fd_checkmaps(fdp);
 	if (want > bits)
 		return -1;
 	off = want >> NDENTRYSHIFT;
 	i = want & NDENTRYMASK;
 	if (i) {
 		sub = bitmap[off] | ((u_int)~0 >> (NDENTRIES - i));
 		if (sub != ~0)
 			goto found;
 		off++;
+	}
 	maxoff = NDLOSLOTS(bits);
 	while (off < maxoff) {
 		if ((sub = bitmap[off]) != ~0)
 			goto found;
 		off++;
+	}
 	return (-1);
  found:
 	return (off << NDENTRYSHIFT) + ffs(~sub) - 1;
+}
 static int
 fd_last_set(filedesc_t *fd, int last)
+{
 	int off, i;
 	fdfile_t **ff = fd->fd_dt->dt_ff;
 	uint32_t *bitmap = fd->fd_lomap;
 	KASSERT(mutex_owned(&fd->fd_lock));
 	fd_checkmaps(fd);
 	off = (last - 1) >> NDENTRYSHIFT;
 	while (off >= 0 && !bitmap[off])
 		off--;
 	if (off < 0)
 		return (-1);
 	i = ((off + 1) << NDENTRYSHIFT) - 1;
 	if (i >= last)
 		i = last - 1;
 	/* XXX should use bitmap */
 	while (i > 0 && (ff[i] == NULL || !ff[i]->ff_allocated))
 		i--;
 	return (i);
+}
 static inline void
 fd_used(filedesc_t *fdp, unsigned fd)
+{
 	u_int off = fd >> NDENTRYSHIFT;
 	fdfile_t *ff;
 	ff = fdp->fd_dt->dt_ff[fd];
 	KASSERT(mutex_owned(&fdp->fd_lock));
 	KASSERT((fdp->fd_lomap[off] & (1 << (fd & NDENTRYMASK))) == 0);
 	KASSERT(ff != NULL);
 	KASSERT(ff->ff_file == NULL);
    	KASSERT(!ff->ff_allocated);
    	ff->ff_allocated = 1;
 	fdp->fd_lomap[off] |= 1 << (fd & NDENTRYMASK);
 	if (__predict_false(fdp->fd_lomap[off] == ~0)) {
 		KASSERT((fdp->fd_himap[off >> NDENTRYSHIFT] &
 		    (1 << (off & NDENTRYMASK))) == 0);
 		fdp->fd_himap[off >> NDENTRYSHIFT] |= 1 << (off & NDENTRYMASK);
+	}
 	if ((int)fd > fdp->fd_lastfile) {
 		fdp->fd_lastfile = fd;
+	}
 	fd_checkmaps(fdp);
+}
 static inline void
 fd_unused(filedesc_t *fdp, unsigned fd)
+{
 	u_int off = fd >> NDENTRYSHIFT;
 	fdfile_t *ff;
 	ff = fdp->fd_dt->dt_ff[fd];
 	/*
 	 * Don't assert the lock is held here, as we may be copying
 	 * the table during exec() and it is not needed there.
 	 * procfs and sysctl are locked out by proc::p_reflock.
+	 *
 	 * KASSERT(mutex_owned(&fdp->fd_lock));
 	 */
 	KASSERT(ff != NULL);
 	KASSERT(ff->ff_file == NULL);
    	KASSERT(ff->ff_allocated);
 	if (fd < fdp->fd_freefile) {
 		fdp->fd_freefile = fd;
+	}
 	if (fdp->fd_lomap[off] == ~0) {
 		KASSERT((fdp->fd_himap[off >> NDENTRYSHIFT] &
 		    (1 << (off & NDENTRYMASK))) != 0);
 		fdp->fd_himap[off >> NDENTRYSHIFT] &=
 		    ~(1 << (off & NDENTRYMASK));
+	}
 	KASSERT((fdp->fd_lomap[off] & (1 << (fd & NDENTRYMASK))) != 0);
 	fdp->fd_lomap[off] &= ~(1 << (fd & NDENTRYMASK));
 	ff->ff_allocated = 0;
 	KASSERT(fd <= fdp->fd_lastfile);
 	if (fd == fdp->fd_lastfile) {
 		fdp->fd_lastfile = fd_last_set(fdp, fd);
+	}
 	fd_checkmaps(fdp);
+}
 /*
  * Look up the file structure corresponding to a file descriptor
  * and return the file, holding a reference on the descriptor.
  */
 inline file_t *
 fd_getfile(unsigned fd)
+{
 	filedesc_t *fdp;
 	fdfile_t *ff;
 	file_t *fp;
 	fdtab_t *dt;
 	/*
 	 * Look up the fdfile structure representing this descriptor.
 	 * We are doing this unlocked.  See fd_tryexpand().
 	 */
 	fdp = curlwp->l_fd;
 	dt = fdp->fd_dt;
 	if (__predict_false(fd >= dt->dt_nfiles)) {
 		return NULL;
+	}
 	ff = dt->dt_ff[fd];
 	KASSERT(fd >= NDFDFILE || ff == (fdfile_t *)fdp->fd_dfdfile[fd]);
 	if (__predict_false(ff == NULL)) {
 		return NULL;
+	}
 	/* Now get a reference to the descriptor. */
 	if (fdp->fd_refcnt == 1) {
 		/*
 		 * Single threaded: don't need to worry about concurrent
 		 * access (other than earlier calls to kqueue, which may
 		 * hold a reference to the descriptor).
 		 */
 		ff->ff_refcnt++;
 	} else {
 		/*
 		 * Multi threaded: issue a memory barrier to ensure that we
 		 * acquire the file pointer _after_ adding a reference.  If
 		 * no memory barrier, we could fetch a stale pointer.
 		 */
 		atomic_inc_uint(&ff->ff_refcnt);
 #ifndef __HAVE_ATOMIC_AS_MEMBAR
 		membar_enter();
 #endif
+	}
 	/*
 	 * If the file is not open or is being closed then put the
 	 * reference back.
 	 */
 	fp = ff->ff_file;
 	if (__predict_true(fp != NULL)) {
 		return fp;
+	}
 	fd_putfile(fd);
 	return NULL;
+}
 /*
  * Release a reference to a file descriptor acquired with fd_getfile().
  */
 void
 fd_putfile(unsigned fd)
+{
 	filedesc_t *fdp;
 	fdfile_t *ff;
 	u_int u, v;
 	fdp = curlwp->l_fd;
 	ff = fdp->fd_dt->dt_ff[fd];
 	KASSERT(fd < fdp->fd_dt->dt_nfiles);
 	KASSERT(ff != NULL);
 	KASSERT((ff->ff_refcnt & FR_MASK) > 0);
 	KASSERT(fd >= NDFDFILE || ff == (fdfile_t *)fdp->fd_dfdfile[fd]);
 	if (fdp->fd_refcnt == 1) {
 		/*
 		 * Single threaded: don't need to worry about concurrent
 		 * access (other than earlier calls to kqueue, which may
 		 * hold a reference to the descriptor).
 		 */
 		if (__predict_false((ff->ff_refcnt & FR_CLOSING) != 0)) {
 			fd_close(fd);
 			return;
+		}
 		ff->ff_refcnt--;
 		return;
+	}
 	/*
 	 * Ensure that any use of the file is complete and globally
 	 * visible before dropping the final reference.  If no membar,
 	 * the current CPU could still access memory associated with
 	 * the file after it has been freed or recycled by another
 	 * CPU.
 	 */
 #ifndef __HAVE_ATOMIC_AS_MEMBAR
 	membar_exit();
 #endif
 	/*
 	 * Be optimistic and start out with the assumption that no other
 	 * threads are trying to close the descriptor.  If the CAS fails,
 	 * we lost a race and/or it's being closed.
 	 */
 	for (u = ff->ff_refcnt & FR_MASK;; u = v) {
 		v = atomic_cas_uint(&ff->ff_refcnt, u, u - 1);
 		if (__predict_true(u == v)) {
 			return;
+		}
 		if (__predict_false((v & FR_CLOSING) != 0)) {
 			break;
+		}
+	}
 	/* Another thread is waiting to close the file: join it. */
 	(void)fd_close(fd);
+}
 /*
  * Convenience wrapper around fd_getfile() that returns reference
  * to a vnode.
  */
 int
 fd_getvnode(unsigned fd, file_t **fpp)
+{
 	vnode_t *vp;
 	file_t *fp;
 	fp = fd_getfile(fd);
 	if (__predict_false(fp == NULL)) {
 		return EBADF;
+	}
 	if (__predict_false(fp->f_type != DTYPE_VNODE)) {
 		fd_putfile(fd);
 		return EINVAL;
+	}
 	vp = fp->f_data;
 	if (__predict_false(vp->v_type == VBAD)) {
 		/* XXX Is this case really necessary? */
 		fd_putfile(fd);
 		return EBADF;
+	}
 	*fpp = fp;
 	return 0;
+}
 /*
  * Convenience wrapper around fd_getfile() that returns reference
  * to a socket.
  */
 int
 fd_getsock(unsigned fd, struct socket **sop)
+{
 	file_t *fp;
 	fp = fd_getfile(fd);
 	if (__predict_false(fp == NULL)) {
 		return EBADF;
+	}
 	if (__predict_false(fp->f_type != DTYPE_SOCKET)) {
 		fd_putfile(fd);
 		return ENOTSOCK;
+	}
 	*sop = fp->f_data;
 	return 0;
+}
 /*
  * Look up the file structure corresponding to a file descriptor
  * and return it with a reference held on the file, not the
  * descriptor.
+ *
  * This is heavyweight and only used when accessing descriptors
  * from a foreign process.  The caller must ensure that `p' does
  * not exit or fork across this call.
+ *
  * To release the file (not descriptor) reference, use closef().
  */
 file_t *
 fd_getfile2(proc_t *p, unsigned fd)
+{
 	filedesc_t *fdp;
 	fdfile_t *ff;
 	file_t *fp;
 	fdtab_t *dt;
 	fdp = p->p_fd;
 	mutex_enter(&fdp->fd_lock);
 	dt = fdp->fd_dt;
 	if (fd >= dt->dt_nfiles) {
 		mutex_exit(&fdp->fd_lock);
 		return NULL;
+	}
 	if ((ff = dt->dt_ff[fd]) == NULL) {
 		mutex_exit(&fdp->fd_lock);
 		return NULL;
+	}
 	if ((fp = ff->ff_file) == NULL) {
 		mutex_exit(&fdp->fd_lock);
 		return NULL;
+	}
 	mutex_enter(&fp->f_lock);
 	fp->f_count++;
 	mutex_exit(&fp->f_lock);
 	mutex_exit(&fdp->fd_lock);
 	return fp;
+}
 /*
  * Internal form of close.  Must be called with a reference to the
  * descriptor, and will drop the reference.  When all descriptor
  * references are dropped, releases the descriptor slot and a single
  * reference to the file structure.
  */
 int
 fd_close(unsigned fd)
+{
 	struct flock lf;
 	filedesc_t *fdp;
 	fdfile_t *ff;
 	file_t *fp;
 	proc_t *p;
 	lwp_t *l;
 	u_int refcnt;
 	l = curlwp;
 	p = l->l_proc;
 	fdp = l->l_fd;
 	ff = fdp->fd_dt->dt_ff[fd];
 	KASSERT(fd >= NDFDFILE || ff == (fdfile_t *)fdp->fd_dfdfile[fd]);
 	mutex_enter(&fdp->fd_lock);
 	KASSERT((ff->ff_refcnt & FR_MASK) > 0);
 	if (__predict_false(ff->ff_file == NULL)) {
 		/*
 		 * Another user of the file is already closing, and is
 		 * waiting for other users of the file to drain.  Release
 		 * our reference, and wake up the closer.
 		 */
 		atomic_dec_uint(&ff->ff_refcnt);
 		cv_broadcast(&ff->ff_closing);
 		mutex_exit(&fdp->fd_lock);
 		/*
 		 * An application error, so pretend that the descriptor
 		 * was already closed.  We can't safely wait for it to
 		 * be closed without potentially deadlocking.
 		 */
 		return (EBADF);
+	}
 	KASSERT((ff->ff_refcnt & FR_CLOSING) == 0);
 	/*
 	 * There may be multiple users of this file within the process.
 	 * Notify existing and new users that the file is closing.  This
 	 * will prevent them from adding additional uses to this file
 	 * while we are closing it.
 	 */
 	fp = ff->ff_file;
 	ff->ff_file = NULL;
 	ff->ff_exclose = false;
 	/*
 	 * We expect the caller to hold a descriptor reference - drop it.
 	 * The reference count may increase beyond zero at this point due
 	 * to an erroneous descriptor reference by an application, but
 	 * fd_getfile() will notice that the file is being closed and drop
 	 * the reference again.
 	 */
 	if (fdp->fd_refcnt == 1) {
 		/* Single threaded. */
 		refcnt = --(ff->ff_refcnt);
 	} else {
 		/* Multi threaded. */
 #ifndef __HAVE_ATOMIC_AS_MEMBAR
 		membar_producer();
 #endif
 		refcnt = atomic_dec_uint_nv(&ff->ff_refcnt);
+	}
 	if (__predict_false(refcnt != 0)) {
 		/*
 		 * Wait for other references to drain.  This is typically
 		 * an application error - the descriptor is being closed
 		 * while still in use.
+		 *
 		 */
 		atomic_or_uint(&ff->ff_refcnt, FR_CLOSING);
 		/*
 		 * Remove any knotes attached to the file.  A knote
 		 * attached to the descriptor can hold references on it.
 		 */
 		mutex_exit(&fdp->fd_lock);
 		if (!SLIST_EMPTY(&ff->ff_knlist)) {
 			knote_fdclose(fd);
+		}
 		/* Try to drain out descriptor references. */
 		(*fp->f_ops->fo_drain)(fp);
 		mutex_enter(&fdp->fd_lock);
 		/*
 		 * We need to see the count drop to zero at least once,
 		 * in order to ensure that all pre-existing references
 		 * have been drained.  New references past this point are
 		 * of no interest.
 		 */
 		while ((ff->ff_refcnt & FR_MASK) != 0) {
 			cv_wait(&ff->ff_closing, &fdp->fd_lock);
+		}
 		atomic_and_uint(&ff->ff_refcnt, ~FR_CLOSING);
 	} else {
 		/* If no references, there must be no knotes. */
 		KASSERT(SLIST_EMPTY(&ff->ff_knlist));
+	}
 	/*
 	 * POSIX record locking dictates that any close releases ALL
 	 * locks owned by this process.  This is handled by setting
 	 * a flag in the unlock to free ONLY locks obeying POSIX
 	 * semantics, and not to free BSD-style file locks.
 	 * If the descriptor was in a message, POSIX-style locks
 	 * aren't passed with the descriptor.
 	 */
 	if (__predict_false((p->p_flag & PK_ADVLOCK) != 0 &&
 	    fp->f_type == DTYPE_VNODE)) {
 		lf.l_whence = SEEK_SET;
 		lf.l_start = 0;
 		lf.l_len = 0;
 		lf.l_type = F_UNLCK;
 		mutex_exit(&fdp->fd_lock);
 		(void)VOP_ADVLOCK(fp->f_data, p, F_UNLCK, &lf, F_POSIX);
 		mutex_enter(&fdp->fd_lock);
+	}
 	/* Free descriptor slot. */
 	fd_unused(fdp, fd);
 	mutex_exit(&fdp->fd_lock);
 	/* Now drop reference to the file itself. */
 	return closef(fp);
+}
 /*
  * Duplicate a file descriptor.
  */
 int
 fd_dup(file_t *fp, int minfd, int *newp, bool exclose)
+{
 	proc_t *p;
 	int error;
 	p = curproc;
 	while ((error = fd_alloc(p, minfd, newp)) != 0) {
 		if (error != ENOSPC) {
 			return error;
+		}
 		fd_tryexpand(p);
+	}
 	curlwp->l_fd->fd_dt->dt_ff[*newp]->ff_exclose = exclose;
 	fd_affix(p, fp, *newp);
 	return 0;
+}
 /*
  * dup2 operation.
  */
 int
 fd_dup2(file_t *fp, unsigned new)
+{
 	filedesc_t *fdp;
 	fdfile_t *ff;
 	fdtab_t *dt;
 	fdp = curlwp->l_fd;
 	/*
 	 * Ensure there are enough slots in the descriptor table,
 	 * and allocate an fdfile_t up front in case we need it.
 	 */
 	while (new >= fdp->fd_dt->dt_nfiles) {
 		fd_tryexpand(curproc);
+	}
 	ff = pool_cache_get(fdfile_cache, PR_WAITOK);
 	/*
 	 * If there is already a file open, close it.  If the file is
 	 * half open, wait for it to be constructed before closing it.
 	 * XXX Potential for deadlock here?
 	 */
 	mutex_enter(&fdp->fd_lock);
 	while (fd_isused(fdp, new)) {
 		mutex_exit(&fdp->fd_lock);
 		if (fd_getfile(new) != NULL) {
 			(void)fd_close(new);
 		} else {
 			/*
 			 * Crummy, but unlikely to happen.
 			 * Can occur if we interrupt another
 			 * thread while it is opening a file.
 			 */
 			kpause("dup2", false, 1, NULL);
+		}
 		mutex_enter(&fdp->fd_lock);
+	}
 	dt = fdp->fd_dt;
 	if (dt->dt_ff[new] == NULL) {
 		KASSERT(new >= NDFDFILE);
 		dt->dt_ff[new] = ff;
 		ff = NULL;
+	}
 	fd_used(fdp, new);
 	mutex_exit(&fdp->fd_lock);
 	/* Slot is now allocated.  Insert copy of the file. */
 	fd_affix(curproc, fp, new);
 	if (ff != NULL) {
 		pool_cache_put(fdfile_cache, ff);
+	}
 	return 0;
+}
 /*
  * Drop reference to a file structure.
  */
 int
 closef(file_t *fp)
+{
 	struct flock lf;
 	int error;
 	/*
 	 * Drop reference.  If referenced elsewhere it's still open
 	 * and we have nothing more to do.
 	 */
 	mutex_enter(&fp->f_lock);
 	KASSERT(fp->f_count > 0);
 	if (--fp->f_count > 0) {
 		mutex_exit(&fp->f_lock);
 		return 0;
+	}
 	KASSERT(fp->f_count == 0);
 	mutex_exit(&fp->f_lock);
 	/* We held the last reference - release locks, close and free. */
         if ((fp->f_flag & FHASLOCK) && fp->f_type == DTYPE_VNODE) {
         	lf.l_whence = SEEK_SET;
 		lf.l_start = 0;
 		lf.l_len = 0;
 		lf.l_type = F_UNLCK;
 		(void)VOP_ADVLOCK(fp->f_data, fp, F_UNLCK, &lf, F_FLOCK);
+	}
 	if (fp->f_ops != NULL) {
 		error = (*fp->f_ops->fo_close)(fp);
 	} else {
 		error = 0;
+	}
 	KASSERT(fp->f_count == 0);
 	KASSERT(fp->f_cred != NULL);
 	pool_cache_put(file_cache, fp);
 	return error;
+}
 /*
  * Allocate a file descriptor for the process.
  */
 int
 fd_alloc(proc_t *p, int want, int *result)
+{
 	filedesc_t *fdp;
 	int i, lim, last, error;
 	u_int off, new;
 	fdtab_t *dt;
 	KASSERT(p == curproc || p == &proc0);
 	fdp = p->p_fd;
 	/*
 	 * Search for a free descriptor starting at the higher
 	 * of want or fd_freefile.
 	 */
 	mutex_enter(&fdp->fd_lock);
 	fd_checkmaps(fdp);
 	dt = fdp->fd_dt;
 	KASSERT(dt->dt_ff[0] == (fdfile_t *)fdp->fd_dfdfile[0]);
 	lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfiles);
 	last = min(dt->dt_nfiles, lim);
 	for (;;) {
 		if ((i = want) < fdp->fd_freefile)
 			i = fdp->fd_freefile;
 		off = i >> NDENTRYSHIFT;
 		new = fd_next_zero(fdp, fdp->fd_himap, off,
 		    (last + NDENTRIES - 1) >> NDENTRYSHIFT);
 		if (new == -1)
 			break;
 		i = fd_next_zero(fdp, &fdp->fd_lomap[new],
 		    new > off ? 0 : i & NDENTRYMASK, NDENTRIES);
 		if (i == -1) {
 			/*
 			 * Free file descriptor in this block was
 			 * below want, try again with higher want.
 			 */
 			want = (new + 1) << NDENTRYSHIFT;
 			continue;
+		}
 		i += (new << NDENTRYSHIFT);
 		if (i >= last) {
 			break;
+		}
 		if (dt->dt_ff[i] == NULL) {
 			KASSERT(i >= NDFDFILE);
 			dt->dt_ff[i] = pool_cache_get(fdfile_cache, PR_WAITOK);
+		}
 		KASSERT(dt->dt_ff[i]->ff_refcnt == 0);
 		KASSERT(dt->dt_ff[i]->ff_file == NULL);
 		fd_used(fdp, i);
 		if (want <= fdp->fd_freefile) {
 			fdp->fd_freefile = i;
+		}
 		*result = i;
 		KASSERT(i >= NDFDFILE ||
 		    dt->dt_ff[i] == (fdfile_t *)fdp->fd_dfdfile[i]);
 		fd_checkmaps(fdp);
 		mutex_exit(&fdp->fd_lock);
 		return 0;
+	}
 	/* No space in current array.  Let the caller expand and retry. */
 	error = (dt->dt_nfiles >= lim) ? EMFILE : ENOSPC;
 	mutex_exit(&fdp->fd_lock);
 	return error;
+}
 /*
  * Allocate memory for a descriptor table.
  */
 static fdtab_t *
 fd_dtab_alloc(int n)
+{
 	fdtab_t *dt;
 	size_t sz;
 	KASSERT(n > NDFILE);
 	sz = sizeof(*dt) + (n - NDFILE) * sizeof(dt->dt_ff[0]);
 	dt = kmem_alloc(sz, KM_SLEEP);
 #ifdef DIAGNOSTIC
 	memset(dt, 0xff, sz);
 #endif
 	dt->dt_nfiles = n;
 	dt->dt_link = NULL;
 	return dt;
+}
 /*
  * Free a descriptor table, and all tables linked for deferred free.
  */
 static void
 fd_dtab_free(fdtab_t *dt)
+{
 	fdtab_t *next;
 	size_t sz;
 	do {
 		next = dt->dt_link;
 		KASSERT(dt->dt_nfiles > NDFILE);
 		sz = sizeof(*dt) +
 		    (dt->dt_nfiles - NDFILE) * sizeof(dt->dt_ff[0]);
 #ifdef DIAGNOSTIC
 		memset(dt, 0xff, sz);
 #endif
 		kmem_free(dt, sz);
 		dt = next;
 	} while (dt != NULL);
+}
 /*
  * Allocate descriptor bitmap.
  */
 static void
 fd_map_alloc(int n, uint32_t **lo, uint32_t **hi)
+{
 	uint8_t *ptr;
 	size_t szlo, szhi;
 	KASSERT(n > NDENTRIES);
 	szlo = NDLOSLOTS(n) * sizeof(uint32_t);
 	szhi = NDHISLOTS(n) * sizeof(uint32_t);
 	ptr = kmem_alloc(szlo + szhi, KM_SLEEP);
 	*lo = (uint32_t *)ptr;
 	*hi = (uint32_t *)(ptr + szlo);
+}
 /*
  * Free descriptor bitmap.
  */
 static void
 fd_map_free(int n, uint32_t *lo, uint32_t *hi)
+{
 	size_t szlo, szhi;
 	KASSERT(n > NDENTRIES);
 	szlo = NDLOSLOTS(n) * sizeof(uint32_t);
 	szhi = NDHISLOTS(n) * sizeof(uint32_t);
 	KASSERT(hi == (uint32_t *)((uint8_t *)lo + szlo));
 	kmem_free(lo, szlo + szhi);
+}
 /*
  * Expand a process' descriptor table.
  */
 void
 fd_tryexpand(proc_t *p)
+{
 	filedesc_t *fdp;
 	int i, numfiles, oldnfiles;
 	fdtab_t *newdt, *dt;
 	uint32_t *newhimap, *newlomap;
 	KASSERT(p == curproc || p == &proc0);
 	fdp = p->p_fd;
 	newhimap = NULL;
 	newlomap = NULL;
 	oldnfiles = fdp->fd_dt->dt_nfiles;
 	if (oldnfiles < NDEXTENT)
 		numfiles = NDEXTENT;
 	else
 		numfiles = 2 * oldnfiles;
 	newdt = fd_dtab_alloc(numfiles);
 	if (NDHISLOTS(numfiles) > NDHISLOTS(oldnfiles)) {
 		fd_map_alloc(numfiles, &newlomap, &newhimap);
+	}
 	mutex_enter(&fdp->fd_lock);
 	dt = fdp->fd_dt;
 	KASSERT(dt->dt_ff[0] == (fdfile_t *)fdp->fd_dfdfile[0]);
 	if (dt->dt_nfiles != oldnfiles) {
 		/* fdp changed; caller must retry */
 		mutex_exit(&fdp->fd_lock);
 		fd_dtab_free(newdt);
 		if (NDHISLOTS(numfiles) > NDHISLOTS(oldnfiles)) {
 			fd_map_free(numfiles, newlomap, newhimap);
+		}
 		return;
+	}
 	/* Copy the existing descriptor table and zero the new portion. */
 	i = sizeof(fdfile_t *) * oldnfiles;
 	memcpy(newdt->dt_ff, dt->dt_ff, i);
 	memset((uint8_t *)newdt->dt_ff + i, 0,
 	    numfiles * sizeof(fdfile_t *) - i);
 	/*
 	 * Link old descriptor array into list to be discarded.  We defer
 	 * freeing until the last reference to the descriptor table goes
 	 * away (usually process exit).  This allows us to do lockless
 	 * lookups in fd_getfile().
 	 */
 	if (oldnfiles > NDFILE) {
 		if (fdp->fd_refcnt > 1) {
 			newdt->dt_link = dt;
 		} else {
 			fd_dtab_free(dt);
+		}
+	}
 	if (NDHISLOTS(numfiles) > NDHISLOTS(oldnfiles)) {
 		i = NDHISLOTS(oldnfiles) * sizeof(uint32_t);
 		memcpy(newhimap, fdp->fd_himap, i);
 		memset((uint8_t *)newhimap + i, 0,
 		    NDHISLOTS(numfiles) * sizeof(uint32_t) - i);
 		i = NDLOSLOTS(oldnfiles) * sizeof(uint32_t);
 		memcpy(newlomap, fdp->fd_lomap, i);
 		memset((uint8_t *)newlomap + i, 0,
 		    NDLOSLOTS(numfiles) * sizeof(uint32_t) - i);
 		if (NDHISLOTS(oldnfiles) > NDHISLOTS(NDFILE)) {
 			fd_map_free(oldnfiles, fdp->fd_lomap, fdp->fd_himap);
+		}
 		fdp->fd_himap = newhimap;
 		fdp->fd_lomap = newlomap;
+	}
 	/*
 	 * All other modifications must become globally visible before
 	 * the change to fd_dt.  See fd_getfile().
 	 */
 	membar_producer();
 	fdp->fd_dt = newdt;
 	KASSERT(newdt->dt_ff[0] == (fdfile_t *)fdp->fd_dfdfile[0]);
 	fd_checkmaps(fdp);
 	mutex_exit(&fdp->fd_lock);
+}
 /*
  * Create a new open file structure and allocate a file descriptor
  * for the current process.
  */
 int
 fd_allocfile(file_t **resultfp, int *resultfd)
+{
 	kauth_cred_t cred;
 	file_t *fp;
 	proc_t *p;
 	int error;
 	p = curproc;
 	while ((error = fd_alloc(p, 0, resultfd)) != 0) {
 		if (error != ENOSPC) {
 			return error;
+		}
 		fd_tryexpand(p);
+	}
 	fp = pool_cache_get(file_cache, PR_WAITOK);
 	if (fp == NULL) {
 		return ENFILE;
+	}
 	KASSERT(fp->f_count == 0);
 	KASSERT(fp->f_msgcount == 0);
 	KASSERT(fp->f_unpcount == 0);
 	/* Replace cached credentials if not what we need. */
 	cred = curlwp->l_cred;
 	if (__predict_false(cred != fp->f_cred)) {
 		kauth_cred_free(fp->f_cred);
 		kauth_cred_hold(cred);
 		fp->f_cred = cred;
+	}
 	/*
 	 * Don't allow recycled files to be scanned.
 	 * See uipc_usrreq.c.
 	 */
 	if (__predict_false((fp->f_flag & FSCAN) != 0)) {
 		mutex_enter(&fp->f_lock);
 		atomic_and_uint(&fp->f_flag, ~FSCAN);
 		mutex_exit(&fp->f_lock);
+	}
 	fp->f_advice = 0;
 	fp->f_offset = 0;
 	*resultfp = fp;
 	return 0;
+}
 /*
  * Successful creation of a new descriptor: make visible to the process.
  */
 void
 fd_affix(proc_t *p, file_t *fp, unsigned fd)
+{
 	fdfile_t *ff;
 	filedesc_t *fdp;
 	KASSERT(p == curproc || p == &proc0);
 	/* Add a reference to the file structure. */
 	mutex_enter(&fp->f_lock);
 	fp->f_count++;
 	mutex_exit(&fp->f_lock);
 	/*
 	 * Insert the new file into the descriptor slot.
+	 *
 	 * The memory barriers provided by lock activity in this routine
 	 * ensure that any updates to the file structure become globally
 	 * visible before the file becomes visible to other LWPs in the
 	 * current process.
 	 */
 	fdp = p->p_fd;
 	ff = fdp->fd_dt->dt_ff[fd];
 	KASSERT(ff != NULL);
 	KASSERT(ff->ff_file == NULL);
 	KASSERT(ff->ff_allocated);
 	KASSERT(fd_isused(fdp, fd));
 	KASSERT(fd >= NDFDFILE || ff == (fdfile_t *)fdp->fd_dfdfile[fd]);
 	/* No need to lock in order to make file initially visible. */
 	ff->ff_file = fp;
+}
 /*
  * Abort creation of a new descriptor: free descriptor slot and file.
  */
 void
 fd_abort(proc_t *p, file_t *fp, unsigned fd)
+{
 	filedesc_t *fdp;
 	fdfile_t *ff;
 	KASSERT(p == curproc || p == &proc0);
 	fdp = p->p_fd;
 	ff = fdp->fd_dt->dt_ff[fd];
 	KASSERT(fd >= NDFDFILE || ff == (fdfile_t *)fdp->fd_dfdfile[fd]);
 	mutex_enter(&fdp->fd_lock);
 	KASSERT(fd_isused(fdp, fd));
 	fd_unused(fdp, fd);
 	mutex_exit(&fdp->fd_lock);
 	if (fp != NULL) {
 		KASSERT(fp->f_count == 0);
 		KASSERT(fp->f_cred != NULL);
 		pool_cache_put(file_cache, fp);
+	}
+}
 static int
 file_ctor(void *arg, void *obj, int flags)
+{
 	file_t *fp = obj;
 	memset(fp, 0, sizeof(*fp));
 	mutex_enter(&filelist_lock);
 	if (__predict_false(nfiles >= maxfiles)) {
 		mutex_exit(&filelist_lock);
 		tablefull("file", "increase kern.maxfiles or MAXFILES");
 		return ENFILE;
+	}
 	nfiles++;
 	LIST_INSERT_HEAD(&filehead, fp, f_list);
 	mutex_init(&fp->f_lock, MUTEX_DEFAULT, IPL_NONE);
 	fp->f_cred = curlwp->l_cred;
 	kauth_cred_hold(fp->f_cred);
 	mutex_exit(&filelist_lock);
 	return 0;
+}
 static void
 file_dtor(void *arg, void *obj)
+{
 	file_t *fp = obj;
 	mutex_enter(&filelist_lock);
 	nfiles--;
 	LIST_REMOVE(fp, f_list);
 	mutex_exit(&filelist_lock);
 	kauth_cred_free(fp->f_cred);
 	mutex_destroy(&fp->f_lock);
+}
 static int
 fdfile_ctor(void *arg, void *obj, int flags)
+{
 	fdfile_t *ff = obj;
 	memset(ff, 0, sizeof(*ff));
 	cv_init(&ff->ff_closing, "fdclose");
 	return 0;
+}
 static void
 fdfile_dtor(void *arg, void *obj)
+{
 	fdfile_t *ff = obj;
 	cv_destroy(&ff->ff_closing);
+}
 file_t *
 fgetdummy(void)
+{
 	file_t *fp;
 	fp = kmem_alloc(sizeof(*fp), KM_SLEEP);
 	if (fp != NULL) {
 		memset(fp, 0, sizeof(*fp));
 		mutex_init(&fp->f_lock, MUTEX_DEFAULT, IPL_NONE);
+	}
 	return fp;
+}
 void
 fputdummy(file_t *fp)
+{
 	mutex_destroy(&fp->f_lock);
 	kmem_free(fp, sizeof(*fp));
+}
 /*
  * Create an initial filedesc structure.
  */
 filedesc_t *
 fd_init(filedesc_t *fdp)
+{
 #ifdef DIAGNOSTIC
 	unsigned fd;
 #endif
 	if (__predict_true(fdp == NULL)) {
 		fdp = pool_cache_get(filedesc_cache, PR_WAITOK);
 	} else {
 		/* XXXRUMP KASSERT(fdp == &filedesc0); */
 		filedesc_ctor(NULL, fdp, PR_WAITOK);
+	}
 #ifdef DIAGNOSTIC
 	KASSERT(fdp->fd_lastfile == -1);
 	KASSERT(fdp->fd_lastkqfile == -1);
 	KASSERT(fdp->fd_knhash == NULL);
 	KASSERT(fdp->fd_freefile == 0);
 	KASSERT(fdp->fd_exclose == false);
 	KASSERT(fdp->fd_dt == &fdp->fd_dtbuiltin);
 	KASSERT(fdp->fd_dtbuiltin.dt_nfiles == NDFILE);
 	for (fd = 0; fd < NDFDFILE; fd++) {
 		KASSERT(fdp->fd_dtbuiltin.dt_ff[fd] ==
 		    (fdfile_t *)fdp->fd_dfdfile[fd]);
+	}
 	for (fd = NDFDFILE; fd < NDFILE; fd++) {
 		KASSERT(fdp->fd_dtbuiltin.dt_ff[fd] == NULL);
+	}
 	KASSERT(fdp->fd_himap == fdp->fd_dhimap);
 	KASSERT(fdp->fd_lomap == fdp->fd_dlomap);
 #endif	/* DIAGNOSTIC */
 	fdp->fd_refcnt = 1;
 	fd_checkmaps(fdp);
 	return fdp;
+}
 /*
  * Initialize a file descriptor table.
  */
 static int
 filedesc_ctor(void *arg, void *obj, int flag)
+{
 	filedesc_t *fdp = obj;
 	fdfile_t **ffp;
 	int i;
 	memset(fdp, 0, sizeof(*fdp));
 	mutex_init(&fdp->fd_lock, MUTEX_DEFAULT, IPL_NONE);
 	fdp->fd_lastfile = -1;
 	fdp->fd_lastkqfile = -1;
 	fdp->fd_dt = &fdp->fd_dtbuiltin;
 	fdp->fd_dtbuiltin.dt_nfiles = NDFILE;
 	fdp->fd_himap = fdp->fd_dhimap;
 	fdp->fd_lomap = fdp->fd_dlomap;
 	CTASSERT(sizeof(fdp->fd_dfdfile[0]) >= sizeof(fdfile_t));
 	for (i = 0, ffp = fdp->fd_dt->dt_ff; i < NDFDFILE; i++, ffp++) {
 		*ffp = (fdfile_t *)fdp->fd_dfdfile[i];
 		(void)fdfile_ctor(NULL, fdp->fd_dfdfile[i], PR_WAITOK);
+	}
 	return 0;
+}
 static void
 filedesc_dtor(void *arg, void *obj)
+{
 	filedesc_t *fdp = obj;
 	int i;
 	for (i = 0; i < NDFDFILE; i++) {
 		fdfile_dtor(NULL, fdp->fd_dfdfile[i]);
+	}
 	mutex_destroy(&fdp->fd_lock);
+}
 /*
  * Make p2 share p1's filedesc structure.
  */
 void
 fd_share(struct proc *p2)
+{
 	filedesc_t *fdp;
 	fdp = curlwp->l_fd;
 	p2->p_fd = fdp;
 	atomic_inc_uint(&fdp->fd_refcnt);
+}
 /*
  * Acquire a hold on a filedesc structure.
  */
 void
-fd_hold(void)
+fd_hold(lwp_t *l)
+{
 	filedesc_t *fdp = l->l_fd;
-	atomic_inc_uint(&curlwp->l_fd->fd_refcnt);
+	KASSERT(fdp == curlwp->l_fd || fdp == lwp0.l_fd);
 	atomic_inc_uint(&fdp->fd_refcnt);
+}
 /*
  * Copy a filedesc structure.
  */
 filedesc_t *
 fd_copy(void)
+{
 	filedesc_t *newfdp, *fdp;
 	fdfile_t *ff, **ffp, **nffp, *ff2;
 	int i, j, numfiles, lastfile, newlast;
 	file_t *fp;
 	fdtab_t *newdt;
 	fdp = curproc->p_fd;
 	newfdp = pool_cache_get(filedesc_cache, PR_WAITOK);
 	newfdp->fd_refcnt = 1;
 #ifdef DIAGNOSTIC
 	KASSERT(newfdp->fd_lastfile == -1);
 	KASSERT(newfdp->fd_lastkqfile == -1);
 	KASSERT(newfdp->fd_knhash == NULL);
 	KASSERT(newfdp->fd_freefile == 0);
 	KASSERT(newfdp->fd_exclose == false);
 	KASSERT(newfdp->fd_dt == &newfdp->fd_dtbuiltin);
 	KASSERT(newfdp->fd_dtbuiltin.dt_nfiles == NDFILE);
 	for (i = 0; i < NDFDFILE; i++) {
 		KASSERT(newfdp->fd_dtbuiltin.dt_ff[i] ==
 		    (fdfile_t *)&newfdp->fd_dfdfile[i]);
+	}
 	for (i = NDFDFILE; i < NDFILE; i++) {
 		KASSERT(newfdp->fd_dtbuiltin.dt_ff[i] == NULL);
+	}
 #endif	/* DIAGNOSTIC */
 	mutex_enter(&fdp->fd_lock);
 	fd_checkmaps(fdp);
 	numfiles = fdp->fd_dt->dt_nfiles;
 	lastfile = fdp->fd_lastfile;
 	/*
 	 * If the number of open files fits in the internal arrays
 	 * of the open file structure, use them, otherwise allocate
 	 * additional memory for the number of descriptors currently
 	 * in use.
 	 */
 	if (lastfile < NDFILE) {
 		i = NDFILE;
 		newdt = newfdp->fd_dt;
 		KASSERT(newfdp->fd_dt == &newfdp->fd_dtbuiltin);
 	} else {
 		/*
 		 * Compute the smallest multiple of NDEXTENT needed
 		 * for the file descriptors currently in use,
 		 * allowing the table to shrink.
 		 */
 		i = numfiles;
 		while (i >= 2 * NDEXTENT && i > lastfile * 2) {
 			i /= 2;
+		}
 		KASSERT(i > NDFILE);
 		newdt = fd_dtab_alloc(i);
 		newfdp->fd_dt = newdt;
 		memcpy(newdt->dt_ff, newfdp->fd_dtbuiltin.dt_ff,
 		    NDFDFILE * sizeof(fdfile_t **));
 		memset(newdt->dt_ff + NDFDFILE, 0,
 		    (i - NDFDFILE) * sizeof(fdfile_t **));
+	}
 	if (NDHISLOTS(i) <= NDHISLOTS(NDFILE)) {
 		newfdp->fd_himap = newfdp->fd_dhimap;
 		newfdp->fd_lomap = newfdp->fd_dlomap;
 	} else {
 		fd_map_alloc(i, &newfdp->fd_lomap, &newfdp->fd_himap);
 		KASSERT(i >= NDENTRIES * NDENTRIES);
 		memset(newfdp->fd_himap, 0, NDHISLOTS(i)*sizeof(uint32_t));
 		memset(newfdp->fd_lomap, 0, NDLOSLOTS(i)*sizeof(uint32_t));
+	}
 	newfdp->fd_freefile = fdp->fd_freefile;
 	newfdp->fd_exclose = fdp->fd_exclose;
 	ffp = fdp->fd_dt->dt_ff;
 	nffp = newdt->dt_ff;
 	newlast = -1;
 	for (i = 0; i <= (int)lastfile; i++, ffp++, nffp++) {
 		KASSERT(i >= NDFDFILE ||
 		    *nffp == (fdfile_t *)newfdp->fd_dfdfile[i]);
 		ff = *ffp;
 		if (ff == NULL || (fp = ff->ff_file) == NULL) {
 			/* Descriptor unused, or descriptor half open. */
 			KASSERT(!fd_isused(newfdp, i));
 			continue;
+		}
 		if (__predict_false(fp->f_type == DTYPE_KQUEUE)) {
 			/* kqueue descriptors cannot be copied. */
                        if (i < newfdp->fd_freefile)
                                newfdp->fd_freefile = i;
 			continue;
+		}
 		/* It's active: add a reference to the file. */
 		mutex_enter(&fp->f_lock);
 		fp->f_count++;
 		mutex_exit(&fp->f_lock);
 		/* Allocate an fdfile_t to represent it. */
 		if (i >= NDFDFILE) {
 			ff2 = pool_cache_get(fdfile_cache, PR_WAITOK);
 			*nffp = ff2;
 		} else {
 			ff2 = newdt->dt_ff[i];
+		}
 		ff2->ff_file = fp;
 		ff2->ff_exclose = ff->ff_exclose;
 		ff2->ff_allocated = true;
 		/* Fix up bitmaps. */
 		j = i >> NDENTRYSHIFT;
 		KASSERT((newfdp->fd_lomap[j] & (1 << (i & NDENTRYMASK))) == 0);
 		newfdp->fd_lomap[j] |= 1 << (i & NDENTRYMASK);
 		if (__predict_false(newfdp->fd_lomap[j] == ~0)) {
 			KASSERT((newfdp->fd_himap[j >> NDENTRYSHIFT] &
 			    (1 << (j & NDENTRYMASK))) == 0);
 			newfdp->fd_himap[j >> NDENTRYSHIFT] |=
 << (j & NDENTRYMASK);
+		}
 		newlast = i;
+	}
 	KASSERT(newdt->dt_ff[0] == (fdfile_t *)newfdp->fd_dfdfile[0]);
 	newfdp->fd_lastfile = newlast;
 	fd_checkmaps(newfdp);
 	mutex_exit(&fdp->fd_lock);
 	return (newfdp);
+}
 /*
  * Release a filedesc structure.
  */
 void
 fd_free(void)
+{
 	fdfile_t *ff;
 	file_t *fp;
 	int fd, nf;
 	fdtab_t *dt;
 	lwp_t * const l = curlwp;
 	filedesc_t * const fdp = l->l_fd;
 	const bool noadvlock = (l->l_proc->p_flag & PK_ADVLOCK) == 0;
 	KASSERT(fdp->fd_dt->dt_ff[0] == (fdfile_t *)fdp->fd_dfdfile[0]);
 	KASSERT(fdp->fd_dtbuiltin.dt_nfiles == NDFILE);
 	KASSERT(fdp->fd_dtbuiltin.dt_link == NULL);
 #ifndef __HAVE_ATOMIC_AS_MEMBAR
 	membar_exit();
 #endif
 	if (atomic_dec_uint_nv(&fdp->fd_refcnt) > 0)
 		return;
 	/*
 	 * Close any files that the process holds open.
 	 */
 	dt = fdp->fd_dt;
 	fd_checkmaps(fdp);
 #ifdef DEBUG
 	fdp->fd_refcnt = -1; /* see fd_checkmaps */
 #endif
 	for (fd = 0, nf = dt->dt_nfiles; fd < nf; fd++) {
 		ff = dt->dt_ff[fd];
 		KASSERT(fd >= NDFDFILE ||
 		    ff == (fdfile_t *)fdp->fd_dfdfile[fd]);
 		if (ff == NULL)
 			continue;
 		if ((fp = ff->ff_file) != NULL) {
 			/*
 			 * Must use fd_close() here if there is
 			 * a reference from kqueue or we might have posix
 			 * advisory locks.
 			 */
 			if (__predict_true(ff->ff_refcnt == 0) &&
 			    (noadvlock || fp->f_type != DTYPE_VNODE)) {
 				ff->ff_file = NULL;
 				ff->ff_exclose = false;
 				ff->ff_allocated = false;
 				closef(fp);
 			} else {
 				ff->ff_refcnt++;
 				fd_close(fd);
+			}
+		}
 		KASSERT(ff->ff_refcnt == 0);
 		KASSERT(ff->ff_file == NULL);
 		KASSERT(!ff->ff_exclose);
 		KASSERT(!ff->ff_allocated);
 		if (fd >= NDFDFILE) {
 			pool_cache_put(fdfile_cache, ff);
 			dt->dt_ff[fd] = NULL;
+		}
+	}
 	/*
 	 * Clean out the descriptor table for the next user and return
 	 * to the cache.
 	 */
 	if (__predict_false(dt != &fdp->fd_dtbuiltin)) {
 		fd_dtab_free(fdp->fd_dt);
 		/* Otherwise, done above. */
 		memset(&fdp->fd_dtbuiltin.dt_ff[NDFDFILE], 0,
 		    (NDFILE - NDFDFILE) * sizeof(fdp->fd_dtbuiltin.dt_ff[0]));
 		fdp->fd_dt = &fdp->fd_dtbuiltin;
+	}
 	if (__predict_false(NDHISLOTS(nf) > NDHISLOTS(NDFILE))) {
 		KASSERT(fdp->fd_himap != fdp->fd_dhimap);
 		KASSERT(fdp->fd_lomap != fdp->fd_dlomap);
 		fd_map_free(nf, fdp->fd_lomap, fdp->fd_himap);
+	}
 	if (__predict_false(fdp->fd_knhash != NULL)) {
 		hashdone(fdp->fd_knhash, HASH_LIST, fdp->fd_knhashmask);
 		fdp->fd_knhash = NULL;
 		fdp->fd_knhashmask = 0;
 	} else {
 		KASSERT(fdp->fd_knhashmask == 0);
+	}
 	fdp->fd_dt = &fdp->fd_dtbuiltin;
 	fdp->fd_lastkqfile = -1;
 	fdp->fd_lastfile = -1;
 	fdp->fd_freefile = 0;
 	fdp->fd_exclose = false;
 	memset(&fdp->fd_startzero, 0, sizeof(*fdp) -
 	    offsetof(filedesc_t, fd_startzero));
 	fdp->fd_himap = fdp->fd_dhimap;
 	fdp->fd_lomap = fdp->fd_dlomap;
 	KASSERT(fdp->fd_dtbuiltin.dt_nfiles == NDFILE);
 	KASSERT(fdp->fd_dtbuiltin.dt_link == NULL);
 	KASSERT(fdp->fd_dt == &fdp->fd_dtbuiltin);
 #ifdef DEBUG
 	fdp->fd_refcnt = 0; /* see fd_checkmaps */
 #endif
 	fd_checkmaps(fdp);
 	pool_cache_put(filedesc_cache, fdp);
+}
 /*
  * File Descriptor pseudo-device driver (/dev/fd/).
+ *
  * Opening minor device N dup()s the file (if any) connected to file
  * descriptor N belonging to the calling process.  Note that this driver
  * consists of only the ``open()'' routine, because all subsequent
  * references to this file will be direct to the other driver.
  */
 static int
 filedescopen(dev_t dev, int mode, int type, lwp_t *l)
+{
 	/*
 	 * XXX Kludge: set dupfd to contain the value of the
 	 * the file descriptor being sought for duplication. The error
 	 * return ensures that the vnode for this device will be released
 	 * by vn_open. Open will detect this special error and take the
 	 * actions in dupfdopen below. Other callers of vn_open or VOP_OPEN
 	 * will simply report the error.
 	 */
 	l->l_dupfd = minor(dev);	/* XXX */
 	return EDUPFD;
+}
 /*
  * Duplicate the specified descriptor to a free descriptor.
  */
 int
 fd_dupopen(int old, int *new, int mode, int error)
+{
 	filedesc_t *fdp;
 	fdfile_t *ff;
 	file_t *fp;
 	fdtab_t *dt;
 	if ((fp = fd_getfile(old)) == NULL) {
 		return EBADF;
+	}
 	fdp = curlwp->l_fd;
 	dt = fdp->fd_dt;
 	ff = dt->dt_ff[old];
 	/*
 	 * There are two cases of interest here.
+	 *
 	 * For EDUPFD simply dup (dfd) to file descriptor
 	 * (indx) and return.
+	 *
 	 * For EMOVEFD steal away the file structure from (dfd) and
 	 * store it in (indx).  (dfd) is effectively closed by
 	 * this operation.
+	 *
 	 * Any other error code is just returned.
 	 */
 	switch (error) {
 	case EDUPFD:
 		/*
 		 * Check that the mode the file is being opened for is a
 		 * subset of the mode of the existing descriptor.
 		 */
 		if (((mode & (FREAD|FWRITE)) | fp->f_flag) != fp->f_flag) {
 			error = EACCES;
 			break;
+		}
 		/* Copy it. */
 		error = fd_dup(fp, 0, new, ff->ff_exclose);
 		break;
 	case EMOVEFD:
 		/* Copy it. */
 		error = fd_dup(fp, 0, new, ff->ff_exclose);
 		if (error != 0) {
 			break;
+		}
 		/* Steal away the file pointer from 'old'. */
 		(void)fd_close(old);
 		return 0;
+	}
 	fd_putfile(old);
 	return error;
+}
 /*
  * Sets descriptor owner. If the owner is a process, 'pgid'
  * is set to positive value, process ID. If the owner is process group,
  * 'pgid' is set to -pg_id.
  */
 int
 fsetown(pid_t *pgid, u_long cmd, const void *data)
+{
 	int id = *(const int *)data;
 	int error;
 	switch (cmd) {
 	case TIOCSPGRP:
 		if (id < 0)
 			return (EINVAL);
 		id = -id;
 		break;
 	default:
 		break;
+	}
 	if (id > 0 && !pfind(id))
 		return (ESRCH);
 	else if (id < 0 && (error = pgid_in_session(curproc, -id)))
 		return (error);
 	*pgid = id;
 	return (0);
+}
 /*
  * Return descriptor owner information. If the value is positive,
  * it's process ID. If it's negative, it's process group ID and
  * needs the sign removed before use.
  */
 int
 fgetown(pid_t pgid, u_long cmd, void *data)
+{
 	switch (cmd) {
 	case TIOCGPGRP:
 		*(int *)data = -pgid;
 		break;
 	default:
 		*(int *)data = pgid;
 		break;
+	}
 	return (0);
+}
 /*
  * Send signal to descriptor owner, either process or process group.
  */
 void
 fownsignal(pid_t pgid, int signo, int code, int band, void *fdescdata)
+{
 	ksiginfo_t ksi;
 	KASSERT(!cpu_intr_p());
 	if (pgid == 0) {
 		return;
+	}
 	KSI_INIT(&ksi);
 	ksi.ksi_signo = signo;
 	ksi.ksi_code = code;
 	ksi.ksi_band = band;
 	mutex_enter(proc_lock);
 	if (pgid > 0) {
 		struct proc *p1;
 		p1 = p_find(pgid, PFIND_LOCKED);
 		if (p1 != NULL) {
 			kpsignal(p1, &ksi, fdescdata);
+		}
 	} else {
 		struct pgrp *pgrp;
 		KASSERT(pgid < 0);
 		pgrp = pg_find(-pgid, PFIND_LOCKED);
 		if (pgrp != NULL) {
 			kpgsignal(pgrp, &ksi, fdescdata, 0);
+		}
+	}
 	mutex_exit(proc_lock);
+}
 int
 fd_clone(file_t *fp, unsigned fd, int flag, const struct fileops *fops,
 	 void *data)
+{
 	fp->f_flag = flag;
 	fp->f_type = DTYPE_MISC;
 	fp->f_ops = fops;
 	fp->f_data = data;
 	curlwp->l_dupfd = fd;
 	fd_affix(curproc, fp, fd);
 	return EMOVEFD;
+}
 int
 fnullop_fcntl(file_t *fp, u_int cmd, void *data)
+{
 	if (cmd == F_SETFL)
 		return 0;
 	return EOPNOTSUPP;
+}
 int
 fnullop_poll(file_t *fp, int which)
+{
 	return 0;
+}
 int
 fnullop_kqfilter(file_t *fp, struct knote *kn)
+{
 	return 0;
+}
 void
 fnullop_drain(file_t *fp)
+{
+}
 int
 fbadop_read(file_t *fp, off_t *offset, struct uio *uio,
 	    kauth_cred_t cred, int flags)
+{
 	return EOPNOTSUPP;
+}
 int
 fbadop_write(file_t *fp, off_t *offset, struct uio *uio,
 	     kauth_cred_t cred, int flags)
+{
 	return EOPNOTSUPP;
+}
 int
 fbadop_ioctl(file_t *fp, u_long com, void *data)
+{
 	return EOPNOTSUPP;
+}
 int
 fbadop_stat(file_t *fp, struct stat *sb)
+{
 	return EOPNOTSUPP;
+}
 int
 fbadop_close(file_t *fp)
+{
 	return EOPNOTSUPP;
+}

 @@ -1,1608 +1,1608 @@
-/*	$NetBSD: kern_lwp.c,v 1.135 2009/10/22 22:28:57 rmind Exp $	*/
+/*	$NetBSD: kern_lwp.c,v 1.136 2009/10/27 02:58:28 rmind Exp $	*/
 /*-
  * Copyright (c) 2001, 2006, 2007, 2008, 2009 The NetBSD Foundation, Inc.
  * All rights reserved.
+ *
  * This code is derived from software contributed to The NetBSD Foundation
  * by Nathan J. Williams, and Andrew Doran.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
 /*
  * Overview
+ *
  *	Lightweight processes (LWPs) are the basic unit or thread of
  *	execution within the kernel.  The core state of an LWP is described
  *	by "struct lwp", also known as lwp_t.
+ *
  *	Each LWP is contained within a process (described by "struct proc"),
  *	Every process contains at least one LWP, but may contain more.  The
  *	process describes attributes shared among all of its LWPs such as a
  *	private address space, global execution state (stopped, active,
  *	zombie, ...), signal disposition and so on.  On a multiprocessor
  *	machine, multiple LWPs be executing concurrently in the kernel.
+ *
  * Execution states
+ *
  *	At any given time, an LWP has overall state that is described by
  *	lwp::l_stat.  The states are broken into two sets below.  The first
  *	set is guaranteed to represent the absolute, current state of the
  *	LWP:
+ *
  *	LSONPROC
+ *
  *		On processor: the LWP is executing on a CPU, either in the
  *		kernel or in user space.
+ *
  *	LSRUN
+ *
  *		Runnable: the LWP is parked on a run queue, and may soon be
  *		chosen to run by an idle processor, or by a processor that
  *		has been asked to preempt a currently runnning but lower
  *		priority LWP.
+ *
  *	LSIDL
+ *
  *		Idle: the LWP has been created but has not yet executed,
  *		or it has ceased executing a unit of work and is waiting
  *		to be started again.
+ *
  *	LSSUSPENDED:
+ *
  *		Suspended: the LWP has had its execution suspended by
  *		another LWP in the same process using the _lwp_suspend()
  *		system call.  User-level LWPs also enter the suspended
  *		state when the system is shutting down.
+ *
  *	The second set represent a "statement of intent" on behalf of the
  *	LWP.  The LWP may in fact be executing on a processor, may be
  *	sleeping or idle. It is expected to take the necessary action to
  *	stop executing or become "running" again within a short timeframe.
  *	The LP_RUNNING flag in lwp::l_pflag indicates that an LWP is running.
  *	Importantly, it indicates that its state is tied to a CPU.
+ *
  *	LSZOMB:
+ *
  *		Dead or dying: the LWP has released most of its resources
  *		and is about to switch away into oblivion, or has already
  *		switched away.  When it switches away, its few remaining
  *		resources can be collected.
+ *
  *	LSSLEEP:
+ *
  *		Sleeping: the LWP has entered itself onto a sleep queue, and
  *		has switched away or will switch away shortly to allow other
  *		LWPs to run on the CPU.
+ *
  *	LSSTOP:
+ *
  *		Stopped: the LWP has been stopped as a result of a job
  *		control signal, or as a result of the ptrace() interface.
+ *
  *		Stopped LWPs may run briefly within the kernel to handle
  *		signals that they receive, but will not return to user space
  *		until their process' state is changed away from stopped.
+ *
  *		Single LWPs within a process can not be set stopped
  *		selectively: all actions that can stop or continue LWPs
  *		occur at the process level.
+ *
  * State transitions
+ *
  *	Note that the LSSTOP state may only be set when returning to
  *	user space in userret(), or when sleeping interruptably.  The
  *	LSSUSPENDED state may only be set in userret().  Before setting
  *	those states, we try to ensure that the LWPs will release all
  *	locks that they hold, and at a minimum try to ensure that the
  *	LWP can be set runnable again by a signal.
+ *
  *	LWPs may transition states in the following ways:
+ *
  *	 RUN -------> ONPROC		ONPROC -----> RUN
  *		    				    > SLEEP
  *		    				    > STOPPED
  *						    > SUSPENDED
  *						    > ZOMB
  *						    > IDL (special cases)
+ *
  *	 STOPPED ---> RUN		SUSPENDED --> RUN
  *	            > SLEEP
+ *
  *	 SLEEP -----> ONPROC		IDL --------> RUN
  *		    > RUN			    > SUSPENDED
  *		    > STOPPED			    > STOPPED
  *						    > ONPROC (special cases)
+ *
  *	Some state transitions are only possible with kernel threads (eg
  *	ONPROC -> IDL) and happen under tightly controlled circumstances
  *	free of unwanted side effects.
+ *
  * Migration
+ *
  *	Migration of threads from one CPU to another could be performed
  *	internally by the scheduler via sched_takecpu() or sched_catchlwp()
  *	functions.  The universal lwp_migrate() function should be used for
  *	any other cases.  Subsystems in the kernel must be aware that CPU
  *	of LWP may change, while it is not locked.
+ *
  * Locking
+ *
  *	The majority of fields in 'struct lwp' are covered by a single,
  *	general spin lock pointed to by lwp::l_mutex.  The locks covering
  *	each field are documented in sys/lwp.h.
+ *
  *	State transitions must be made with the LWP's general lock held,
  *	and may cause the LWP's lock pointer to change. Manipulation of
  *	the general lock is not performed directly, but through calls to
  *	lwp_lock(), lwp_relock() and similar.
+ *
  *	States and their associated locks:
+ *
  *	LSONPROC, LSZOMB:
+ *
  *		Always covered by spc_lwplock, which protects running LWPs.
  *		This is a per-CPU lock and matches lwp::l_cpu.
+ *
  *	LSIDL, LSRUN:
+ *
  *		Always covered by spc_mutex, which protects the run queues.
  *		This is a per-CPU lock and matches lwp::l_cpu.
+ *
  *	LSSLEEP:
+ *
  *		Covered by a lock associated with the sleep queue that the
  *		LWP resides on.  Matches lwp::l_sleepq::sq_mutex.
+ *
  *	LSSTOP, LSSUSPENDED:
+ *
  *		If the LWP was previously sleeping (l_wchan != NULL), then
  *		l_mutex references the sleep queue lock.  If the LWP was
  *		runnable or on the CPU when halted, or has been removed from
  *		the sleep queue since halted, then the lock is spc_lwplock.
+ *
  *	The lock order is as follows:
+ *
  *		spc::spc_lwplock ->
  *		    sleeptab::st_mutex ->
  *			tschain_t::tc_mutex ->
  *			    spc::spc_mutex
+ *
  *	Each process has an scheduler state lock (proc::p_lock), and a
  *	number of counters on LWPs and their states: p_nzlwps, p_nrlwps, and
  *	so on.  When an LWP is to be entered into or removed from one of the
  *	following states, p_lock must be held and the process wide counters
  *	adjusted:
+ *
  *		LSIDL, LSZOMB, LSSTOP, LSSUSPENDED
+ *
  *	(But not always for kernel threads.  There are some special cases
  *	as mentioned above.  See kern_softint.c.)
+ *
  *	Note that an LWP is considered running or likely to run soon if in
  *	one of the following states.  This affects the value of p_nrlwps:
+ *
  *		LSRUN, LSONPROC, LSSLEEP
+ *
  *	p_lock does not need to be held when transitioning among these
  *	three states, hence p_lock is rarely taken for state transitions.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_lwp.c,v 1.135 2009/10/22 22:28:57 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_lwp.c,v 1.136 2009/10/27 02:58:28 rmind Exp $");
 #include "opt_ddb.h"
 #include "opt_lockdebug.h"
 #include "opt_sa.h"
 #define _LWP_API_PRIVATE
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/cpu.h>
 #include <sys/pool.h>
 #include <sys/proc.h>
 #include <sys/sa.h>
 #include <sys/savar.h>
 #include <sys/syscallargs.h>
 #include <sys/syscall_stats.h>
 #include <sys/kauth.h>
 #include <sys/sleepq.h>
 #include <sys/user.h>
 #include <sys/lockdebug.h>
 #include <sys/kmem.h>
 #include <sys/pset.h>
 #include <sys/intr.h>
 #include <sys/lwpctl.h>
 #include <sys/atomic.h>
 #include <sys/filedesc.h>
 #include <uvm/uvm_extern.h>
 #include <uvm/uvm_object.h>
 struct lwplist	alllwp = LIST_HEAD_INITIALIZER(alllwp);
 struct pool lwp_uc_pool;
 static pool_cache_t lwp_cache;
 static specificdata_domain_t lwp_specificdata_domain;
 void
 lwpinit(void)
+{
 	pool_init(&lwp_uc_pool, sizeof(ucontext_t), 0, 0, 0, "lwpucpl",
 	    &pool_allocator_nointr, IPL_NONE);
 	lwp_specificdata_domain = specificdata_domain_create();
 	KASSERT(lwp_specificdata_domain != NULL);
 	lwp_sys_init();
 	lwp_cache = pool_cache_init(sizeof(lwp_t), MIN_LWP_ALIGNMENT, 0, 0,
 	    "lwppl", NULL, IPL_NONE, NULL, NULL, NULL);
+}
 /*
  * Set an suspended.
+ *
  * Must be called with p_lock held, and the LWP locked.  Will unlock the
  * LWP before return.
  */
 int
 lwp_suspend(struct lwp *curl, struct lwp *t)
+{
 	int error;
 	KASSERT(mutex_owned(t->l_proc->p_lock));
 	KASSERT(lwp_locked(t, NULL));
 	KASSERT(curl != t || curl->l_stat == LSONPROC);
 	/*
 	 * If the current LWP has been told to exit, we must not suspend anyone
 	 * else or deadlock could occur.  We won't return to userspace.
 	 */
 	if ((curl->l_flag & (LW_WEXIT | LW_WCORE)) != 0) {
 		lwp_unlock(t);
 		return (EDEADLK);
+	}
 	error = 0;
 	switch (t->l_stat) {
 	case LSRUN:
 	case LSONPROC:
 		t->l_flag |= LW_WSUSPEND;
 		lwp_need_userret(t);
 		lwp_unlock(t);
 		break;
 	case LSSLEEP:
 		t->l_flag |= LW_WSUSPEND;
 		/*
 		 * Kick the LWP and try to get it to the kernel boundary
 		 * so that it will release any locks that it holds.
 		 * setrunnable() will release the lock.
 		 */
 		if ((t->l_flag & LW_SINTR) != 0)
 			setrunnable(t);
 		else
 			lwp_unlock(t);
 		break;
 	case LSSUSPENDED:
 		lwp_unlock(t);
 		break;
 	case LSSTOP:
 		t->l_flag |= LW_WSUSPEND;
 		setrunnable(t);
 		break;
 	case LSIDL:
 	case LSZOMB:
 		error = EINTR; /* It's what Solaris does..... */
 		lwp_unlock(t);
 		break;
+	}
 	return (error);
+}
 /*
  * Restart a suspended LWP.
+ *
  * Must be called with p_lock held, and the LWP locked.  Will unlock the
  * LWP before return.
  */
 void
 lwp_continue(struct lwp *l)
+{
 	KASSERT(mutex_owned(l->l_proc->p_lock));
 	KASSERT(lwp_locked(l, NULL));
 	/* If rebooting or not suspended, then just bail out. */
 	if ((l->l_flag & LW_WREBOOT) != 0) {
 		lwp_unlock(l);
 		return;
+	}
 	l->l_flag &= ~LW_WSUSPEND;
 	if (l->l_stat != LSSUSPENDED) {
 		lwp_unlock(l);
 		return;
+	}
 	/* setrunnable() will release the lock. */
 	setrunnable(l);
+}
 /*
  * Wait for an LWP within the current process to exit.  If 'lid' is
  * non-zero, we are waiting for a specific LWP.
+ *
  * Must be called with p->p_lock held.
  */
 int
 lwp_wait1(struct lwp *l, lwpid_t lid, lwpid_t *departed, int flags)
+{
 	struct proc *p = l->l_proc;
 	struct lwp *l2;
 	int nfound, error;
 	lwpid_t curlid;
 	bool exiting;
 	KASSERT(mutex_owned(p->p_lock));
 	p->p_nlwpwait++;
 	l->l_waitingfor = lid;
 	curlid = l->l_lid;
 	exiting = ((flags & LWPWAIT_EXITCONTROL) != 0);
 	for (;;) {
 		/*
 		 * Avoid a race between exit1() and sigexit(): if the
 		 * process is dumping core, then we need to bail out: call
 		 * into lwp_userret() where we will be suspended until the
 		 * deed is done.
 		 */
 		if ((p->p_sflag & PS_WCORE) != 0) {
 			mutex_exit(p->p_lock);
 			lwp_userret(l);
 #ifdef DIAGNOSTIC
 			panic("lwp_wait1");
 #endif
 			/* NOTREACHED */
+		}
 		/*
 		 * First off, drain any detached LWP that is waiting to be
 		 * reaped.
 		 */
 		while ((l2 = p->p_zomblwp) != NULL) {
 			p->p_zomblwp = NULL;
 			lwp_free(l2, false, false);/* releases proc mutex */
 			mutex_enter(p->p_lock);
+		}
 		/*
 		 * Now look for an LWP to collect.  If the whole process is
 		 * exiting, count detached LWPs as eligible to be collected,
 		 * but don't drain them here.
 		 */
 		nfound = 0;
 		error = 0;
 		LIST_FOREACH(l2, &p->p_lwps, l_sibling) {
 			/*
 			 * If a specific wait and the target is waiting on
 			 * us, then avoid deadlock.  This also traps LWPs
 			 * that try to wait on themselves.
+			 *
 			 * Note that this does not handle more complicated
 			 * cycles, like: t1 -> t2 -> t3 -> t1.  The process
 			 * can still be killed so it is not a major problem.
 			 */
 			if (l2->l_lid == lid && l2->l_waitingfor == curlid) {
 				error = EDEADLK;
 				break;
+			}
 			if (l2 == l)
 				continue;
 			if ((l2->l_prflag & LPR_DETACHED) != 0) {
 				nfound += exiting;
 				continue;
+			}
 			if (lid != 0) {
 				if (l2->l_lid != lid)
 					continue;
 				/*
 				 * Mark this LWP as the first waiter, if there
 				 * is no other.
 				 */
 				if (l2->l_waiter == 0)
 					l2->l_waiter = curlid;
 			} else if (l2->l_waiter != 0) {
 				/*
 				 * It already has a waiter - so don't
 				 * collect it.  If the waiter doesn't
 				 * grab it we'll get another chance
 				 * later.
 				 */
 				nfound++;
 				continue;
+			}
 			nfound++;
 			/* No need to lock the LWP in order to see LSZOMB. */
 			if (l2->l_stat != LSZOMB)
 				continue;
 			/*
 			 * We're no longer waiting.  Reset the "first waiter"
 			 * pointer on the target, in case it was us.
 			 */
 			l->l_waitingfor = 0;
 			l2->l_waiter = 0;
 			p->p_nlwpwait--;
 			if (departed)
 				*departed = l2->l_lid;
 			sched_lwp_collect(l2);
 			/* lwp_free() releases the proc lock. */
 			lwp_free(l2, false, false);
 			mutex_enter(p->p_lock);
 			return 0;
+		}
 		if (error != 0)
 			break;
 		if (nfound == 0) {
 			error = ESRCH;
 			break;
+		}
 		/*
 		 * The kernel is careful to ensure that it can not deadlock
 		 * when exiting - just keep waiting.
 		 */
 		if (exiting) {
 			KASSERT(p->p_nlwps > 1);
 			cv_wait(&p->p_lwpcv, p->p_lock);
 			continue;
+		}
 		/*
 		 * If all other LWPs are waiting for exits or suspends
 		 * and the supply of zombies and potential zombies is
 		 * exhausted, then we are about to deadlock.
+		 *
 		 * If the process is exiting (and this LWP is not the one
 		 * that is coordinating the exit) then bail out now.
 		 */
 		if ((p->p_sflag & PS_WEXIT) != 0 ||
 		    p->p_nrlwps + p->p_nzlwps - p->p_ndlwps <= p->p_nlwpwait) {
 			error = EDEADLK;
 			break;
+		}
 		/*
 		 * Sit around and wait for something to happen.  We'll be
 		 * awoken if any of the conditions examined change: if an
 		 * LWP exits, is collected, or is detached.
 		 */
 		if ((error = cv_wait_sig(&p->p_lwpcv, p->p_lock)) != 0)
 			break;
+	}
 	/*
 	 * We didn't find any LWPs to collect, we may have received a
 	 * signal, or some other condition has caused us to bail out.
+	 *
 	 * If waiting on a specific LWP, clear the waiters marker: some
 	 * other LWP may want it.  Then, kick all the remaining waiters
 	 * so that they can re-check for zombies and for deadlock.
 	 */
 	if (lid != 0) {
 		LIST_FOREACH(l2, &p->p_lwps, l_sibling) {
 			if (l2->l_lid == lid) {
 				if (l2->l_waiter == curlid)
 					l2->l_waiter = 0;
 				break;
+			}
+		}
+	}
 	p->p_nlwpwait--;
 	l->l_waitingfor = 0;
 	cv_broadcast(&p->p_lwpcv);
 	return error;
+}
 /*
  * Create a new LWP within process 'p2', using LWP 'l1' as a template.
  * The new LWP is created in state LSIDL and must be set running,
  * suspended, or stopped by the caller.
  */
 int
 lwp_create(lwp_t *l1, proc_t *p2, vaddr_t uaddr, int flags,
 	   void *stack, size_t stacksize, void (*func)(void *), void *arg,
 	   lwp_t **rnewlwpp, int sclass)
+{
 	struct lwp *l2, *isfree;
 	turnstile_t *ts;
 	KASSERT(l1 == curlwp || l1->l_proc == &proc0);
 	/*
 	 * First off, reap any detached LWP waiting to be collected.
 	 * We can re-use its LWP structure and turnstile.
 	 */
 	isfree = NULL;
 	if (p2->p_zomblwp != NULL) {
 		mutex_enter(p2->p_lock);
 		if ((isfree = p2->p_zomblwp) != NULL) {
 			p2->p_zomblwp = NULL;
 			lwp_free(isfree, true, false);/* releases proc mutex */
 		} else
 			mutex_exit(p2->p_lock);
+	}
 	if (isfree == NULL) {
 		l2 = pool_cache_get(lwp_cache, PR_WAITOK);
 		memset(l2, 0, sizeof(*l2));
 		l2->l_ts = pool_cache_get(turnstile_cache, PR_WAITOK);
 		SLIST_INIT(&l2->l_pi_lenders);
 	} else {
 		l2 = isfree;
 		ts = l2->l_ts;
 		KASSERT(l2->l_inheritedprio == -1);
 		KASSERT(SLIST_EMPTY(&l2->l_pi_lenders));
 		memset(l2, 0, sizeof(*l2));
 		l2->l_ts = ts;
+	}
 	l2->l_stat = LSIDL;
 	l2->l_proc = p2;
 	l2->l_refcnt = 1;
 	l2->l_class = sclass;
 	/*
 	 * If vfork(), we want the LWP to run fast and on the same CPU
 	 * as its parent, so that it can reuse the VM context and cache
 	 * footprint on the local CPU.
 	 */
 	l2->l_kpriority = ((flags & LWP_VFORK) ? true : false);
 	l2->l_kpribase = PRI_KERNEL;
 	l2->l_priority = l1->l_priority;
 	l2->l_inheritedprio = -1;
 	l2->l_flag = 0;
 	l2->l_pflag = LP_MPSAFE;
 	TAILQ_INIT(&l2->l_ld_locks);
 	/*
 	 * If not the first LWP in the process, grab a reference to the
 	 * descriptor table.
 	 */
 	l2->l_fd = p2->p_fd;
 	if (p2->p_nlwps != 0) {
 		KASSERT(l1->l_proc == p2);
-		atomic_inc_uint(&l2->l_fd->fd_refcnt);
+		fd_hold(l2);
 	} else {
 		KASSERT(l1->l_proc != p2);
+	}
 	if (p2->p_flag & PK_SYSTEM) {
 		/* Mark it as a system LWP. */
 		l2->l_flag |= LW_SYSTEM;
+	}
 	kpreempt_disable();
 	l2->l_mutex = l1->l_cpu->ci_schedstate.spc_mutex;
 	l2->l_cpu = l1->l_cpu;
 	kpreempt_enable();
 	lwp_initspecific(l2);
 	sched_lwp_fork(l1, l2);
 	lwp_update_creds(l2);
 	callout_init(&l2->l_timeout_ch, CALLOUT_MPSAFE);
 	callout_setfunc(&l2->l_timeout_ch, sleepq_timeout, l2);
 	cv_init(&l2->l_sigcv, "sigwait");
 	l2->l_syncobj = &sched_syncobj;
 	if (rnewlwpp != NULL)
 		*rnewlwpp = l2;
 	l2->l_addr = UAREA_TO_USER(uaddr);
 	uvm_lwp_fork(l1, l2, stack, stacksize, func,
 	    (arg != NULL) ? arg : l2);
 	mutex_enter(p2->p_lock);
 	if ((flags & LWP_DETACHED) != 0) {
 		l2->l_prflag = LPR_DETACHED;
 		p2->p_ndlwps++;
 	} else
 		l2->l_prflag = 0;
 	l2->l_sigmask = l1->l_sigmask;
 	CIRCLEQ_INIT(&l2->l_sigpend.sp_info);
 	sigemptyset(&l2->l_sigpend.sp_set);
 	p2->p_nlwpid++;
 	if (p2->p_nlwpid == 0)
 		p2->p_nlwpid++;
 	l2->l_lid = p2->p_nlwpid;
 	LIST_INSERT_HEAD(&p2->p_lwps, l2, l_sibling);
 	p2->p_nlwps++;
 	if ((p2->p_flag & PK_SYSTEM) == 0) {
 		/* Inherit an affinity */
 		if (l1->l_flag & LW_AFFINITY) {
 			/*
 			 * Note that we hold the state lock while inheriting
 			 * the affinity to avoid race with sched_setaffinity().
 			 */
 			lwp_lock(l1);
 			if (l1->l_flag & LW_AFFINITY) {
 				kcpuset_use(l1->l_affinity);
 				l2->l_affinity = l1->l_affinity;
 				l2->l_flag |= LW_AFFINITY;
+			}
 			lwp_unlock(l1);
+		}
 		lwp_lock(l2);
 		/* Inherit a processor-set */
 		l2->l_psid = l1->l_psid;
 		/* Look for a CPU to start */
 		l2->l_cpu = sched_takecpu(l2);
 		lwp_unlock_to(l2, l2->l_cpu->ci_schedstate.spc_mutex);
+	}
 	mutex_exit(p2->p_lock);
 	mutex_enter(proc_lock);
 	LIST_INSERT_HEAD(&alllwp, l2, l_list);
 	mutex_exit(proc_lock);
 	SYSCALL_TIME_LWP_INIT(l2);
 	if (p2->p_emul->e_lwp_fork)
 		(*p2->p_emul->e_lwp_fork)(l1, l2);
 	return (0);
+}
 /*
  * Called by MD code when a new LWP begins execution.  Must be called
  * with the previous LWP locked (so at splsched), or if there is no
  * previous LWP, at splsched.
  */
 void
 lwp_startup(struct lwp *prev, struct lwp *new)
+{
 	KASSERT(kpreempt_disabled());
 	if (prev != NULL) {
 		/*
 		 * Normalize the count of the spin-mutexes, it was
 		 * increased in mi_switch().  Unmark the state of
 		 * context switch - it is finished for previous LWP.
 		 */
 		curcpu()->ci_mtx_count++;
 		membar_exit();
 		prev->l_ctxswtch = 0;
+	}
 	KPREEMPT_DISABLE(new);
 	spl0();
 	pmap_activate(new);
 	LOCKDEBUG_BARRIER(NULL, 0);
 	KPREEMPT_ENABLE(new);
 	if ((new->l_pflag & LP_MPSAFE) == 0) {
 		KERNEL_LOCK(1, new);
+	}
+}
 /*
  * Exit an LWP.
  */
 void
 lwp_exit(struct lwp *l)
+{
 	struct proc *p = l->l_proc;
 	struct lwp *l2;
 	bool current;
 	current = (l == curlwp);
 	KASSERT(current || (l->l_stat == LSIDL && l->l_target_cpu == NULL));
 	KASSERT(p == curproc);
 	/*
 	 * Verify that we hold no locks other than the kernel lock.
 	 */
 	LOCKDEBUG_BARRIER(&kernel_lock, 0);
 	/*
 	 * If we are the last live LWP in a process, we need to exit the
 	 * entire process.  We do so with an exit status of zero, because
 	 * it's a "controlled" exit, and because that's what Solaris does.
+	 *
 	 * We are not quite a zombie yet, but for accounting purposes we
 	 * must increment the count of zombies here.
+	 *
 	 * Note: the last LWP's specificdata will be deleted here.
 	 */
 	mutex_enter(p->p_lock);
 	if (p->p_nlwps - p->p_nzlwps == 1) {
 		KASSERT(current == true);
 		/* XXXSMP kernel_lock not held */
 		exit1(l, 0);
 		/* NOTREACHED */
+	}
 	p->p_nzlwps++;
 	mutex_exit(p->p_lock);
 	if (p->p_emul->e_lwp_exit)
 		(*p->p_emul->e_lwp_exit)(l);
 	/* Drop filedesc reference. */
 	fd_free();
 	/* Delete the specificdata while it's still safe to sleep. */
 	specificdata_fini(lwp_specificdata_domain, &l->l_specdataref);
 	/*
 	 * Release our cached credentials.
 	 */
 	kauth_cred_free(l->l_cred);
 	callout_destroy(&l->l_timeout_ch);
 	/*
 	 * Remove the LWP from the global list.
 	 */
 	mutex_enter(proc_lock);
 	LIST_REMOVE(l, l_list);
 	mutex_exit(proc_lock);
 	/*
 	 * Get rid of all references to the LWP that others (e.g. procfs)
 	 * may have, and mark the LWP as a zombie.  If the LWP is detached,
 	 * mark it waiting for collection in the proc structure.  Note that
 	 * before we can do that, we need to free any other dead, deatched
 	 * LWP waiting to meet its maker.
 	 */
 	mutex_enter(p->p_lock);
 	lwp_drainrefs(l);
 	if ((l->l_prflag & LPR_DETACHED) != 0) {
 		while ((l2 = p->p_zomblwp) != NULL) {
 			p->p_zomblwp = NULL;
 			lwp_free(l2, false, false);/* releases proc mutex */
 			mutex_enter(p->p_lock);
 			l->l_refcnt++;
 			lwp_drainrefs(l);
+		}
 		p->p_zomblwp = l;
+	}
 	/*
 	 * If we find a pending signal for the process and we have been
 	 * asked to check for signals, then we loose: arrange to have
 	 * all other LWPs in the process check for signals.
 	 */
 	if ((l->l_flag & LW_PENDSIG) != 0 &&
 	    firstsig(&p->p_sigpend.sp_set) != 0) {
 		LIST_FOREACH(l2, &p->p_lwps, l_sibling) {
 			lwp_lock(l2);
 			l2->l_flag |= LW_PENDSIG;
 			lwp_unlock(l2);
+		}
+	}
 	lwp_lock(l);
 	l->l_stat = LSZOMB;
 	if (l->l_name != NULL)
 		strcpy(l->l_name, "(zombie)");
 	if (l->l_flag & LW_AFFINITY) {
 		l->l_flag &= ~LW_AFFINITY;
 	} else {
 		KASSERT(l->l_affinity == NULL);
+	}
 	lwp_unlock(l);
 	p->p_nrlwps--;
 	cv_broadcast(&p->p_lwpcv);
 	if (l->l_lwpctl != NULL)
 		l->l_lwpctl->lc_curcpu = LWPCTL_CPU_EXITED;
 	mutex_exit(p->p_lock);
 	/* Safe without lock since LWP is in zombie state */
 	if (l->l_affinity) {
 		kcpuset_unuse(l->l_affinity, NULL);
 		l->l_affinity = NULL;
+	}
 	/*
 	 * We can no longer block.  At this point, lwp_free() may already
 	 * be gunning for us.  On a multi-CPU system, we may be off p_lwps.
+	 *
 	 * Free MD LWP resources.
 	 */
 	cpu_lwp_free(l, 0);
 	if (current) {
 		pmap_deactivate(l);
 		/*
 		 * Release the kernel lock, and switch away into
 		 * oblivion.
 		 */
 #ifdef notyet
 		/* XXXSMP hold in lwp_userret() */
 		KERNEL_UNLOCK_LAST(l);
 #else
 		KERNEL_UNLOCK_ALL(l, NULL);
 #endif
 		lwp_exit_switchaway(l);
+	}
+}
 /*
  * Free a dead LWP's remaining resources.
+ *
  * XXXLWP limits.
  */
 void
 lwp_free(struct lwp *l, bool recycle, bool last)
+{
 	struct proc *p = l->l_proc;
 	struct rusage *ru;
 	ksiginfoq_t kq;
 	KASSERT(l != curlwp);
 	/*
 	 * If this was not the last LWP in the process, then adjust
 	 * counters and unlock.
 	 */
 	if (!last) {
 		/*
 		 * Add the LWP's run time to the process' base value.
 		 * This needs to co-incide with coming off p_lwps.
 		 */
 		bintime_add(&p->p_rtime, &l->l_rtime);
 		p->p_pctcpu += l->l_pctcpu;
 		ru = &p->p_stats->p_ru;
 		ruadd(ru, &l->l_ru);
 		ru->ru_nvcsw += (l->l_ncsw - l->l_nivcsw);
 		ru->ru_nivcsw += l->l_nivcsw;
 		LIST_REMOVE(l, l_sibling);
 		p->p_nlwps--;
 		p->p_nzlwps--;
 		if ((l->l_prflag & LPR_DETACHED) != 0)
 			p->p_ndlwps--;
 		/*
 		 * Have any LWPs sleeping in lwp_wait() recheck for
 		 * deadlock.
 		 */
 		cv_broadcast(&p->p_lwpcv);
 		mutex_exit(p->p_lock);
+	}
 #ifdef MULTIPROCESSOR
 	/*
 	 * In the unlikely event that the LWP is still on the CPU,
 	 * then spin until it has switched away.  We need to release
 	 * all locks to avoid deadlock against interrupt handlers on
 	 * the target CPU.
 	 */
 	if ((l->l_pflag & LP_RUNNING) != 0 || l->l_cpu->ci_curlwp == l) {
 		int count;
 		(void)count; /* XXXgcc */
 		KERNEL_UNLOCK_ALL(curlwp, &count);
 		while ((l->l_pflag & LP_RUNNING) != 0 ||
 		    l->l_cpu->ci_curlwp == l)
 			SPINLOCK_BACKOFF_HOOK;
 		KERNEL_LOCK(count, curlwp);
+	}
 #endif
 	/*
 	 * Destroy the LWP's remaining signal information.
 	 */
 	ksiginfo_queue_init(&kq);
 	sigclear(&l->l_sigpend, NULL, &kq);
 	ksiginfo_queue_drain(&kq);
 	cv_destroy(&l->l_sigcv);
 	/*
 	 * Free the LWP's turnstile and the LWP structure itself unless the
 	 * caller wants to recycle them.  Also, free the scheduler specific
 	 * data.
+	 *
 	 * We can't return turnstile0 to the pool (it didn't come from it),
 	 * so if it comes up just drop it quietly and move on.
+	 *
 	 * We don't recycle the VM resources at this time.
 	 */
 	if (l->l_lwpctl != NULL)
 		lwp_ctl_free(l);
 	if (!recycle && l->l_ts != &turnstile0)
 		pool_cache_put(turnstile_cache, l->l_ts);
 	if (l->l_name != NULL)
 		kmem_free(l->l_name, MAXCOMLEN);
 	cpu_lwp_free2(l);
 	uvm_lwp_exit(l);
 	KASSERT(SLIST_EMPTY(&l->l_pi_lenders));
 	KASSERT(l->l_inheritedprio == -1);
 	if (!recycle)
 		pool_cache_put(lwp_cache, l);
+}
 /*
  * Migrate the LWP to the another CPU.  Unlocks the LWP.
  */
 void
 lwp_migrate(lwp_t *l, struct cpu_info *tci)
+{
 	struct schedstate_percpu *tspc;
 	int lstat = l->l_stat;
 	KASSERT(lwp_locked(l, NULL));
 	KASSERT(tci != NULL);
 	/* If LWP is still on the CPU, it must be handled like LSONPROC */
 	if ((l->l_pflag & LP_RUNNING) != 0) {
 		lstat = LSONPROC;
+	}
 	/*
 	 * The destination CPU could be changed while previous migration
 	 * was not finished.
 	 */
 	if (l->l_target_cpu != NULL) {
 		l->l_target_cpu = tci;
 		lwp_unlock(l);
 		return;
+	}
 	/* Nothing to do if trying to migrate to the same CPU */
 	if (l->l_cpu == tci) {
 		lwp_unlock(l);
 		return;
+	}
 	KASSERT(l->l_target_cpu == NULL);
 	tspc = &tci->ci_schedstate;
 	switch (lstat) {
 	case LSRUN:
 		l->l_target_cpu = tci;
 		break;
 	case LSIDL:
 		l->l_cpu = tci;
 		lwp_unlock_to(l, tspc->spc_mutex);
 		return;
 	case LSSLEEP:
 		l->l_cpu = tci;
 		break;
 	case LSSTOP:
 	case LSSUSPENDED:
 		l->l_cpu = tci;
 		if (l->l_wchan == NULL) {
 			lwp_unlock_to(l, tspc->spc_lwplock);
 			return;
+		}
 		break;
 	case LSONPROC:
 		l->l_target_cpu = tci;
 		spc_lock(l->l_cpu);
 		cpu_need_resched(l->l_cpu, RESCHED_KPREEMPT);
 		spc_unlock(l->l_cpu);
 		break;
+	}
 	lwp_unlock(l);
+}
 /*
  * Find the LWP in the process.  Arguments may be zero, in such case,
  * the calling process and first LWP in the list will be used.
  * On success - returns proc locked.
  */
 struct lwp *
 lwp_find2(pid_t pid, lwpid_t lid)
+{
 	proc_t *p;
 	lwp_t *l;
 	/* Find the process */
 	p = (pid == 0) ? curlwp->l_proc : p_find(pid, PFIND_UNLOCK_FAIL);
 	if (p == NULL)
 		return NULL;
 	mutex_enter(p->p_lock);
 	if (pid != 0) {
 		/* Case of p_find */
 		mutex_exit(proc_lock);
+	}
 	/* Find the thread */
 	l = (lid == 0) ? LIST_FIRST(&p->p_lwps) : lwp_find(p, lid);
 	if (l == NULL) {
 		mutex_exit(p->p_lock);
+	}
 	return l;
+}
 /*
  * Look up a live LWP within the speicifed process, and return it locked.
+ *
  * Must be called with p->p_lock held.
  */
 struct lwp *
 lwp_find(struct proc *p, int id)
+{
 	struct lwp *l;
 	KASSERT(mutex_owned(p->p_lock));
 	LIST_FOREACH(l, &p->p_lwps, l_sibling) {
 		if (l->l_lid == id)
 			break;
+	}
 	/*
 	 * No need to lock - all of these conditions will
 	 * be visible with the process level mutex held.
 	 */
 	if (l != NULL && (l->l_stat == LSIDL || l->l_stat == LSZOMB))
 		l = NULL;
 	return l;
+}
 /*
  * Update an LWP's cached credentials to mirror the process' master copy.
+ *
  * This happens early in the syscall path, on user trap, and on LWP
  * creation.  A long-running LWP can also voluntarily choose to update
  * it's credentials by calling this routine.  This may be called from
  * LWP_CACHE_CREDS(), which checks l->l_cred != p->p_cred beforehand.
  */
 void
 lwp_update_creds(struct lwp *l)
+{
 	kauth_cred_t oc;
 	struct proc *p;
 	p = l->l_proc;
 	oc = l->l_cred;
 	mutex_enter(p->p_lock);
 	kauth_cred_hold(p->p_cred);
 	l->l_cred = p->p_cred;
 	l->l_prflag &= ~LPR_CRMOD;
 	mutex_exit(p->p_lock);
 	if (oc != NULL)
 		kauth_cred_free(oc);
+}
 /*
  * Verify that an LWP is locked, and optionally verify that the lock matches
  * one we specify.
  */
 int
 lwp_locked(struct lwp *l, kmutex_t *mtx)
+{
 	kmutex_t *cur = l->l_mutex;
 	return mutex_owned(cur) && (mtx == cur || mtx == NULL);
+}
 /*
  * Lock an LWP.
  */
 kmutex_t *
 lwp_lock_retry(struct lwp *l, kmutex_t *old)
+{
 	/*
 	 * XXXgcc ignoring kmutex_t * volatile on i386
+	 *
 	 * gcc version 4.1.2 20061021 prerelease (NetBSD nb1 20061021)
 	 */
 #if 1
 	while (l->l_mutex != old) {
 #else
 	for (;;) {
 #endif
 		mutex_spin_exit(old);
 		old = l->l_mutex;
 		mutex_spin_enter(old);
 		/*
 		 * mutex_enter() will have posted a read barrier.  Re-test
 		 * l->l_mutex.  If it has changed, we need to try again.
 		 */
 #if 1
+	}
 #else
 	} while (__predict_false(l->l_mutex != old));
 #endif
 	return old;
+}
 /*
  * Lend a new mutex to an LWP.  The old mutex must be held.
  */
 void
 lwp_setlock(struct lwp *l, kmutex_t *new)
+{
 	KASSERT(mutex_owned(l->l_mutex));
 	membar_exit();
 	l->l_mutex = new;
+}
 /*
  * Lend a new mutex to an LWP, and release the old mutex.  The old mutex
  * must be held.
  */
 void
 lwp_unlock_to(struct lwp *l, kmutex_t *new)
+{
 	kmutex_t *old;
 	KASSERT(mutex_owned(l->l_mutex));
 	old = l->l_mutex;
 	membar_exit();
 	l->l_mutex = new;
 	mutex_spin_exit(old);
+}
 /*
  * Acquire a new mutex, and donate it to an LWP.  The LWP must already be
  * locked.
  */
 void
 lwp_relock(struct lwp *l, kmutex_t *new)
+{
 	kmutex_t *old;
 	KASSERT(mutex_owned(l->l_mutex));
 	old = l->l_mutex;
 	if (old != new) {
 		mutex_spin_enter(new);
 		l->l_mutex = new;
 		mutex_spin_exit(old);
+	}
+}
 int
 lwp_trylock(struct lwp *l)
+{
 	kmutex_t *old;
 	for (;;) {
 		if (!mutex_tryenter(old = l->l_mutex))
 			return 0;
 		if (__predict_true(l->l_mutex == old))
 			return 1;
 		mutex_spin_exit(old);
+	}
+}
 void
 lwp_unsleep(lwp_t *l, bool cleanup)
+{
 	KASSERT(mutex_owned(l->l_mutex));
 	(*l->l_syncobj->sobj_unsleep)(l, cleanup);
+}
 /*
  * Handle exceptions for mi_userret().  Called if a member of LW_USERRET is
  * set.
  */
 void
 lwp_userret(struct lwp *l)
+{
 	struct proc *p;
 	void (*hook)(void);
 	int sig;
 	KASSERT(l == curlwp);
 	KASSERT(l->l_stat == LSONPROC);
 	p = l->l_proc;
 #ifndef __HAVE_FAST_SOFTINTS
 	/* Run pending soft interrupts. */
 	if (l->l_cpu->ci_data.cpu_softints != 0)
 		softint_overlay();
 #endif
 #ifdef KERN_SA
 	/* Generate UNBLOCKED upcall if needed */
 	if (l->l_flag & LW_SA_BLOCKING) {
 		sa_unblock_userret(l);
 		/* NOTREACHED */
+	}
 #endif
 	/*
 	 * It should be safe to do this read unlocked on a multiprocessor
 	 * system..
+	 *
 	 * LW_SA_UPCALL will be handled after the while() loop, so don't
 	 * consider it now.
 	 */
 	while ((l->l_flag & (LW_USERRET & ~(LW_SA_UPCALL))) != 0) {
 		/*
 		 * Process pending signals first, unless the process
 		 * is dumping core or exiting, where we will instead
 		 * enter the LW_WSUSPEND case below.
 		 */
 		if ((l->l_flag & (LW_PENDSIG | LW_WCORE | LW_WEXIT)) ==
 		    LW_PENDSIG) {
 			mutex_enter(p->p_lock);
 			while ((sig = issignal(l)) != 0)
 				postsig(sig);
 			mutex_exit(p->p_lock);
+		}
 		/*
 		 * Core-dump or suspend pending.
+		 *
 		 * In case of core dump, suspend ourselves, so that the
 		 * kernel stack and therefore the userland registers saved
 		 * in the trapframe are around for coredump() to write them
 		 * out.  We issue a wakeup on p->p_lwpcv so that sigexit()
 		 * will write the core file out once all other LWPs are
 		 * suspended.
 		 */
 		if ((l->l_flag & LW_WSUSPEND) != 0) {
 			mutex_enter(p->p_lock);
 			p->p_nrlwps--;
 			cv_broadcast(&p->p_lwpcv);
 			lwp_lock(l);
 			l->l_stat = LSSUSPENDED;
 			lwp_unlock(l);
 			mutex_exit(p->p_lock);
 			lwp_lock(l);
 			mi_switch(l);
+		}
 		/* Process is exiting. */
 		if ((l->l_flag & LW_WEXIT) != 0) {
 			lwp_exit(l);
 			KASSERT(0);
 			/* NOTREACHED */
+		}
 		/* Call userret hook; used by Linux emulation. */
 		if ((l->l_flag & LW_WUSERRET) != 0) {
 			lwp_lock(l);
 			l->l_flag &= ~LW_WUSERRET;
 			lwp_unlock(l);
 			hook = p->p_userret;
 			p->p_userret = NULL;
 			(*hook)();
+		}
+	}
 #ifdef KERN_SA
 	/*
 	 * Timer events are handled specially.  We only try once to deliver
 	 * pending timer upcalls; if if fails, we can try again on the next
 	 * loop around.  If we need to re-enter lwp_userret(), MD code will
 	 * bounce us back here through the trap path after we return.
 	 */
 	if (p->p_timerpend)
 		timerupcall(l);
 	if (l->l_flag & LW_SA_UPCALL)
 		sa_upcall_userret(l);
 #endif /* KERN_SA */
+}
 /*
  * Force an LWP to enter the kernel, to take a trip through lwp_userret().
  */
 void
 lwp_need_userret(struct lwp *l)
+{
 	KASSERT(lwp_locked(l, NULL));
 	/*
 	 * Since the tests in lwp_userret() are done unlocked, make sure
 	 * that the condition will be seen before forcing the LWP to enter
 	 * kernel mode.
 	 */
 	membar_producer();
 	cpu_signotify(l);
+}
 /*
  * Add one reference to an LWP.  This will prevent the LWP from
  * exiting, thus keep the lwp structure and PCB around to inspect.
  */
 void
 lwp_addref(struct lwp *l)
+{
 	KASSERT(mutex_owned(l->l_proc->p_lock));
 	KASSERT(l->l_stat != LSZOMB);
 	KASSERT(l->l_refcnt != 0);
 	l->l_refcnt++;
+}
 /*
  * Remove one reference to an LWP.  If this is the last reference,
  * then we must finalize the LWP's death.
  */
 void
 lwp_delref(struct lwp *l)
+{
 	struct proc *p = l->l_proc;
 	mutex_enter(p->p_lock);
 	KASSERT(l->l_stat != LSZOMB);
 	KASSERT(l->l_refcnt > 0);
 	if (--l->l_refcnt == 0)
 		cv_broadcast(&p->p_lwpcv);
 	mutex_exit(p->p_lock);
+}
 /*
  * Drain all references to the current LWP.
  */
 void
 lwp_drainrefs(struct lwp *l)
+{
 	struct proc *p = l->l_proc;
 	KASSERT(mutex_owned(p->p_lock));
 	KASSERT(l->l_refcnt != 0);
 	l->l_refcnt--;
 	while (l->l_refcnt != 0)
 		cv_wait(&p->p_lwpcv, p->p_lock);
+}
 /*
  * Return true if the specified LWP is 'alive'.  Only p->p_lock need
  * be held.
  */
 bool
 lwp_alive(lwp_t *l)
+{
 	KASSERT(mutex_owned(l->l_proc->p_lock));
 	switch (l->l_stat) {
 	case LSSLEEP:
 	case LSRUN:
 	case LSONPROC:
 	case LSSTOP:
 	case LSSUSPENDED:
 		return true;
 	default:
 		return false;
+	}
+}
 /*
  * Return first live LWP in the process.
  */
 lwp_t *
 lwp_find_first(proc_t *p)
+{
 	lwp_t *l;
 	KASSERT(mutex_owned(p->p_lock));
 	LIST_FOREACH(l, &p->p_lwps, l_sibling) {
 		if (lwp_alive(l)) {
 			return l;
+		}
+	}
 	return NULL;
+}
 /*
  * lwp_specific_key_create --
  *	Create a key for subsystem lwp-specific data.
  */
 int
 lwp_specific_key_create(specificdata_key_t *keyp, specificdata_dtor_t dtor)
+{
 	return (specificdata_key_create(lwp_specificdata_domain, keyp, dtor));
+}
 /*
  * lwp_specific_key_delete --
  *	Delete a key for subsystem lwp-specific data.
  */
 void
 lwp_specific_key_delete(specificdata_key_t key)
+{
 	specificdata_key_delete(lwp_specificdata_domain, key);
+}
 /*
  * lwp_initspecific --
  *	Initialize an LWP's specificdata container.
  */
 void
 lwp_initspecific(struct lwp *l)
+{
 	int error;
 	error = specificdata_init(lwp_specificdata_domain, &l->l_specdataref);
 	KASSERT(error == 0);
+}
 /*
  * lwp_finispecific --
  *	Finalize an LWP's specificdata container.
  */
 void
 lwp_finispecific(struct lwp *l)
+{
 	specificdata_fini(lwp_specificdata_domain, &l->l_specdataref);
+}
 /*
  * lwp_getspecific --
  *	Return lwp-specific data corresponding to the specified key.
+ *
  *	Note: LWP specific data is NOT INTERLOCKED.  An LWP should access
  *	only its OWN SPECIFIC DATA.  If it is necessary to access another
  *	LWP's specifc data, care must be taken to ensure that doing so
  *	would not cause internal data structure inconsistency (i.e. caller
  *	can guarantee that the target LWP is not inside an lwp_getspecific()
  *	or lwp_setspecific() call).
  */
 void *
 lwp_getspecific(specificdata_key_t key)
+{
 	return (specificdata_getspecific_unlocked(lwp_specificdata_domain,
 						  &curlwp->l_specdataref, key));
+}
 void *
 _lwp_getspecific_by_lwp(struct lwp *l, specificdata_key_t key)
+{
 	return (specificdata_getspecific_unlocked(lwp_specificdata_domain,
 						  &l->l_specdataref, key));
+}
 /*
  * lwp_setspecific --
  *	Set lwp-specific data corresponding to the specified key.
  */
 void
 lwp_setspecific(specificdata_key_t key, void *data)
+{
 	specificdata_setspecific(lwp_specificdata_domain,
 				 &curlwp->l_specdataref, key, data);
+}
 /*
  * Allocate a new lwpctl structure for a user LWP.
  */
 int
 lwp_ctl_alloc(vaddr_t *uaddr)
+{
 	lcproc_t *lp;
 	u_int bit, i, offset;
 	struct uvm_object *uao;
 	int error;
 	lcpage_t *lcp;
 	proc_t *p;
 	lwp_t *l;
 	l = curlwp;
 	p = l->l_proc;
 	if (l->l_lcpage != NULL) {
 		lcp = l->l_lcpage;
 		*uaddr = lcp->lcp_uaddr + (vaddr_t)l->l_lwpctl - lcp->lcp_kaddr;
 		return (EINVAL);
+	}
 	/* First time around, allocate header structure for the process. */
 	if ((lp = p->p_lwpctl) == NULL) {
 		lp = kmem_alloc(sizeof(*lp), KM_SLEEP);
 		mutex_init(&lp->lp_lock, MUTEX_DEFAULT, IPL_NONE);
 		lp->lp_uao = NULL;
 		TAILQ_INIT(&lp->lp_pages);
 		mutex_enter(p->p_lock);
 		if (p->p_lwpctl == NULL) {
 			p->p_lwpctl = lp;
 			mutex_exit(p->p_lock);
 		} else {
 			mutex_exit(p->p_lock);
 			mutex_destroy(&lp->lp_lock);
 			kmem_free(lp, sizeof(*lp));
 			lp = p->p_lwpctl;
+		}
+	}
  	/*
  	 * Set up an anonymous memory region to hold the shared pages.
  	 * Map them into the process' address space.  The user vmspace
  	 * gets the first reference on the UAO.
  	 */
 	mutex_enter(&lp->lp_lock);
 	if (lp->lp_uao == NULL) {
 		lp->lp_uao = uao_create(LWPCTL_UAREA_SZ, 0);
 		lp->lp_cur = 0;
 		lp->lp_max = LWPCTL_UAREA_SZ;
 		lp->lp_uva = p->p_emul->e_vm_default_addr(p,
 		     (vaddr_t)p->p_vmspace->vm_daddr, LWPCTL_UAREA_SZ);
 		error = uvm_map(&p->p_vmspace->vm_map, &lp->lp_uva,
 		    LWPCTL_UAREA_SZ, lp->lp_uao, 0, 0, UVM_MAPFLAG(UVM_PROT_RW,
 		    UVM_PROT_RW, UVM_INH_NONE, UVM_ADV_NORMAL, 0));
 		if (error != 0) {
 			uao_detach(lp->lp_uao);
 			lp->lp_uao = NULL;
 			mutex_exit(&lp->lp_lock);
 			return error;
+		}
+	}
 	/* Get a free block and allocate for this LWP. */
 	TAILQ_FOREACH(lcp, &lp->lp_pages, lcp_chain) {
 		if (lcp->lcp_nfree != 0)
 			break;
+	}
 	if (lcp == NULL) {
 		/* Nothing available - try to set up a free page. */
 		if (lp->lp_cur == lp->lp_max) {
 			mutex_exit(&lp->lp_lock);
 			return ENOMEM;
+		}
 		lcp = kmem_alloc(LWPCTL_LCPAGE_SZ, KM_SLEEP);
 		if (lcp == NULL) {
 			mutex_exit(&lp->lp_lock);
 			return ENOMEM;
+		}
 		/*
 		 * Wire the next page down in kernel space.  Since this
 		 * is a new mapping, we must add a reference.
 		 */
 		uao = lp->lp_uao;

 @@ -1,236 +1,236 @@
-/*	$NetBSD: filedesc.h,v 1.56 2009/05/25 03:59:45 yamt Exp $	*/
+/*	$NetBSD: filedesc.h,v 1.57 2009/10/27 02:58:28 rmind Exp $	*/
 /*-
  * Copyright (c) 2008 The NetBSD Foundation, Inc.
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
 /*
  * Copyright (c) 1990, 1993
  *	The Regents of the University of California.  All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. Neither the name of the University nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
  *	@(#)filedesc.h	8.1 (Berkeley) 6/2/93
  */
 #ifndef _SYS_FILEDESC_H_
 #define	_SYS_FILEDESC_H_
 #include <sys/param.h>
 #include <sys/queue.h>
 #include <sys/mutex.h>
 #include <sys/rwlock.h>
 #include <sys/condvar.h>
 /*
  * This structure is used for the management of descriptors.  It may be
  * shared by multiple processes.
+ *
  * A process is initially started out with NDFILE descriptors stored within
  * this structure, selected to be enough for typical applications based on
  * the historical limit of 20 open files (and the usage of descriptors by
  * shells).  If these descriptors are exhausted, a larger descriptor table
  * may be allocated, up to a process' resource limit; the internal arrays
  * are then unused.  The initial expansion is set to NDEXTENT; each time
  * it runs out, it is doubled until the resource limit is reached. NDEXTENT
  * should be selected to be the biggest multiple of OFILESIZE (see below)
  * that will fit in a power-of-two sized piece of memory.
  */
 #define	NDFILE		20
 #define	NDEXTENT	50		/* 250 bytes in 256-byte alloc */
 #define	NDENTRIES	32		/* 32 fds per entry */
 #define	NDENTRYMASK	(NDENTRIES - 1)
 #define	NDENTRYSHIFT	5		/* bits per entry */
 #define	NDLOSLOTS(x)	(((x) + NDENTRIES - 1) >> NDENTRYSHIFT)
 #define	NDHISLOTS(x)	((NDLOSLOTS(x) + NDENTRIES - 1) >> NDENTRYSHIFT)
 #define	NDFDFILE	6		/* first 6 descriptors are free */
 /*
  * Process-private descriptor reference, one for each descriptor slot
  * in use.  Locks:
+ *
  * :	unlocked
  * a	atomic operations + filedesc_t::fd_lock in some cases
  * d	filedesc_t::fd_lock
+ *
  * Note that ff_exclose and ff_allocated are likely to be byte sized
  * (bool).  In general adjacent sub-word sized fields must be locked
  * the same way, but in this case it's ok: ff_exclose can only be
  * modified while the descriptor slot is live, and ff_allocated when
  * it's invalid.
  */
 typedef struct fdfile {
 	bool		ff_exclose;	/* :: close on exec flag */
 	bool		ff_allocated;	/* d: descriptor slot is allocated */
 	u_int		ff_refcnt;	/* a: reference count on structure */
 	struct file	*ff_file;	/* d: pointer to file if open */
 	SLIST_HEAD(,knote) ff_knlist;	/* d: knotes attached to this fd */
 	kcondvar_t	ff_closing;	/* d: notifier for close */
 } fdfile_t;
 /* Reference count */
 #define	FR_CLOSING	(0x80000000)	/* closing: must interlock */
 #define	FR_MASK		(~FR_CLOSING)	/* reference count */
 /*
  * Open file table, potentially many 'active' tables per filedesc_t
  * in a multi-threaded process, or with a shared filedesc_t (clone()).
  * nfiles is first to avoid pointer arithmetic.
  */
 typedef struct fdtab {
 	u_int		dt_nfiles;	/* number of open files allocated */
 	struct fdtab	*dt_link;	/* for lists of dtab */
 	fdfile_t	*dt_ff[NDFILE];	/* file structures for open fds */
 } fdtab_t;
 typedef struct filedesc {
 	/*
 	 * Built-in fdfile_t records first, since they have strict
 	 * alignment requirements.
 	 */
 	uint8_t		fd_dfdfile[NDFDFILE][CACHE_LINE_SIZE];
 	/*
 	 * All of the remaining fields are locked by fd_lock.
 	 */
 	kmutex_t	fd_lock;	/* lock on structure */
 	fdtab_t * volatile fd_dt;	/* active descriptor table */
 	uint32_t	*fd_himap;	/* each bit points to 32 fds */
 	uint32_t	*fd_lomap;	/* bitmap of free fds */
 	struct klist	*fd_knhash;	/* hash of attached non-fd knotes */
 	int		fd_lastkqfile;	/* max descriptor for kqueue */
 	int		fd_lastfile;	/* high-water mark of fd_ofiles */
 	int		fd_refcnt;	/* reference count */
 	u_long		fd_knhashmask;	/* size of fd_knhash */
 	int		fd_freefile;	/* approx. next free file */
 	int		fd_unused;	/* unused */
 	bool		fd_exclose;	/* non-zero if >0 fd with EXCLOSE */
 	/*
 	 * This structure is used when the number of open files is
 	 * <= NDFILE, and are then pointed to by the pointers above.
 	 */
 	fdtab_t		fd_dtbuiltin;
 	/*
 	 * These arrays are used when the number of open files is
 	 * <= 1024, and are then pointed to by the pointers above.
 	 */
 #define fd_startzero	fd_dhimap	/* area to zero on return to cache */
 	uint32_t	fd_dhimap[NDENTRIES >> NDENTRYSHIFT];
 	uint32_t	fd_dlomap[NDENTRIES];
 } filedesc_t;
 typedef struct cwdinfo {
 	struct vnode	*cwdi_cdir;	/* current directory */
 	struct vnode	*cwdi_rdir;	/* root directory */
 	struct vnode	*cwdi_edir;	/* emulation root (if known) */
 	krwlock_t	cwdi_lock;	/* lock on entire struct */
 	u_short		cwdi_cmask;	/* mask for file creation */
 	u_int		cwdi_refcnt;	/* reference count */
 } cwdinfo_t;
 #ifdef _KERNEL
 struct fileops;
 struct socket;
 struct proc;
 /*
  * Kernel global variables and routines.
  */
 void	fd_sys_init(void);
 int	fd_dupopen(int, int *, int, int);
 int	fd_alloc(struct proc *, int, int *);
 void	fd_tryexpand(struct proc *);
 int	fd_allocfile(file_t **, int *);
 void	fd_affix(struct proc *, file_t *, unsigned);
 void	fd_abort(struct proc *, file_t *, unsigned);
 filedesc_t *fd_copy(void);
 filedesc_t *fd_init(filedesc_t *);
 void	fd_share(proc_t *);
-void	fd_hold(void);
+void	fd_hold(lwp_t *);
 void	fd_free(void);
 void	fd_closeexec(void);
 int	fd_checkstd(void);
 file_t	*fd_getfile(unsigned);
 file_t	*fd_getfile2(proc_t *, unsigned);
 void	fd_putfile(unsigned);
 int	fd_getvnode(unsigned, file_t **);
 int	fd_getsock(unsigned, struct socket **);
 void	fd_putvnode(unsigned);
 void	fd_putsock(unsigned);
 int	fd_close(unsigned);
 int	fd_dup(file_t *, int, int *, bool);
 int	fd_dup2(file_t *, unsigned);
 int	fd_clone(file_t *, unsigned, int, const struct fileops *, void *);
 void	cwd_sys_init(void);
 struct cwdinfo *cwdinit(void);
 void	cwdshare(proc_t *);
 void	cwdunshare(proc_t *);
 void	cwdfree(struct cwdinfo *);
 #define GETCWD_CHECK_ACCESS 0x0001
 int	getcwd_common(struct vnode *, struct vnode *, char **, char *, int,
     int, struct lwp *);
 int	vnode_to_path(char *, size_t, struct vnode *, struct lwp *,
     struct proc *);
 int	closef(file_t *);
 file_t *fgetdummy(void);
 void	fputdummy(file_t *);
 struct stat;
 int	do_sys_fstat(int, struct stat *);
 struct flock;
 int	do_fcntl_lock(int, int, struct flock *);
 int	do_posix_fadvise(int, off_t, off_t, int);
 extern kmutex_t filelist_lock;
 extern filedesc_t filedesc0;
 #endif /* _KERNEL */
 #endif /* !_SYS_FILEDESC_H_ */