 @@ -1,14 +1,14 @@
-/*	$NetBSD: ffs_snapshot.c,v 1.105 2011/02/18 14:48:54 bouyer Exp $	*/
+/*	$NetBSD: ffs_snapshot.c,v 1.106 2011/02/21 09:29:21 hannken Exp $	*/
 /*
  * Copyright 2000 Marshall Kirk McKusick. All Rights Reserved.
+ *
  * Further information about snapshots can be obtained from:
+ *
  *	Marshall Kirk McKusick		http://www.mckusick.com/softdep/
  *	1614 Oxford Street		mckusick@mckusick.com
  *	Berkeley, CA 94709-1608		+1-510-843-9542
  *	USA
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
 @@ -28,27 +28,27 @@
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
  *	@(#)ffs_snapshot.c	8.11 (McKusick) 7/23/00
+ *
  *	from FreeBSD: ffs_snapshot.c,v 1.79 2004/02/13 02:02:06 kuriyama Exp
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ffs_snapshot.c,v 1.105 2011/02/18 14:48:54 bouyer Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ffs_snapshot.c,v 1.106 2011/02/21 09:29:21 hannken Exp $");
 #if defined(_KERNEL_OPT)
 #include "opt_ffs.h"
 #endif
 #include <sys/param.h>
 #include <sys/kernel.h>
 #include <sys/systm.h>
 #include <sys/conf.h>
 #include <sys/buf.h>
 #include <sys/proc.h>
 #include <sys/namei.h>
 #include <sys/sched.h>
 @@ -69,26 +69,27 @@ __KERNEL_RCSID(0, "$NetBSD: ffs_snapshot
 #include <ufs/ufs/inode.h>
 #include <ufs/ufs/ufs_extern.h>
 #include <ufs/ufs/ufs_bswap.h>
 #include <ufs/ufs/ufs_wapbl.h>
 #include <ufs/ffs/fs.h>
 #include <ufs/ffs/ffs_extern.h>
 #include <uvm/uvm.h>
 struct snap_info {
 	kmutex_t si_lock;			/* Lock this snapinfo */
 	kmutex_t si_snaplock;			/* Snapshot vnode common lock */
 	lwp_t *si_owner;			/* Sanplock owner */
 	TAILQ_HEAD(inodelst, inode) si_snapshots; /* List of active snapshots */
 	daddr_t *si_snapblklist;		/* Snapshot block hints list */
 	uint32_t si_gen;			/* Incremented on change */
 };
 #if !defined(FFS_NO_SNAPSHOT)
 typedef int (*acctfunc_t)
     (struct vnode *, void *, int, int, struct fs *, daddr_t, int);
 static int snapshot_setup(struct mount *, struct vnode *);
 static int snapshot_copyfs(struct mount *, struct vnode *, void **);
 static int snapshot_expunge(struct mount *, struct vnode *,
     struct fs *, daddr_t *, daddr_t **);
 @@ -130,26 +131,27 @@ static int snapdebug = 0;
 int
 ffs_snapshot_init(struct ufsmount *ump)
+{
 	struct snap_info *si;
 	si = ump->um_snapinfo = kmem_alloc(sizeof(*si), KM_SLEEP);
 	if (si == NULL)
 		return ENOMEM;
 	TAILQ_INIT(&si->si_snapshots);
 	mutex_init(&si->si_lock, MUTEX_DEFAULT, IPL_NONE);
 	mutex_init(&si->si_snaplock, MUTEX_DEFAULT, IPL_NONE);
 	si->si_owner = NULL;
 	si->si_gen = 0;
 	si->si_snapblklist = NULL;
 	return 0;
+}
 void
 ffs_snapshot_fini(struct ufsmount *ump)
+{
 	struct snap_info *si;
 	si = ump->um_snapinfo;
 	ump->um_snapinfo = NULL;
 @@ -163,27 +165,26 @@ ffs_snapshot_fini(struct ufsmount *ump)
 /*
  * Create a snapshot file and initialize it for the filesystem.
  * Vnode is locked on entry and return.
  */
 int
 ffs_snapshot(struct mount *mp, struct vnode *vp, struct timespec *ctime)
+{
 #if defined(FFS_NO_SNAPSHOT)
 	return EOPNOTSUPP;
+}
 #else /* defined(FFS_NO_SNAPSHOT) */
 	bool suspended = false;
 	bool snapshot_locked = false;
 	int error, redo = 0, snaploc;
 	void *sbbuf = NULL;
 	daddr_t *snaplist = NULL, snaplistsize = 0;
 	struct buf *bp, *nbp;
 	struct fs *copy_fs = NULL;
 	struct fs *fs = VFSTOUFS(mp)->um_fs;
 	struct inode *ip = VTOI(vp);
 	struct lwp *l = curlwp;
 	struct snap_info *si = VFSTOUFS(mp)->um_snapinfo;
 	struct timespec ts;
 	struct timeval starttime;
 #ifdef DEBUG
 	struct timeval endtime;
 @@ -259,31 +260,26 @@ ffs_snapshot(struct mount *mp, struct vn
 	 * Create a copy of the superblock and its summary information.
 	 */
 	error = snapshot_copyfs(mp, vp, &sbbuf);
 	copy_fs = (struct fs *)((char *)sbbuf + blkoff(fs, fs->fs_sblockloc));
 	if (error)
 		goto out;
 	/*
 	 * Expunge unlinked files from our view.
 	 */
 	error = snapshot_expunge(mp, vp, copy_fs, &snaplistsize, &snaplist);
 	if (error)
 		goto out;
 	/*
 	 * Acquire the snapshot lock.
 	 */
 	mutex_enter(&si->si_snaplock);
 	snapshot_locked = true;
 	/*
 	 * Record snapshot inode. Since this is the newest snapshot,
 	 * it must be placed at the end of the list.
 	 */
 	fs->fs_snapinum[snaploc] = ip->i_number;
 	mutex_enter(&si->si_lock);
 	if (is_active_snapshot(si, ip))
 		panic("ffs_snapshot: %"PRIu64" already on list", ip->i_number);
 	TAILQ_INSERT_TAIL(&si->si_snapshots, ip, i_nextsnap);
 	if (TAILQ_FIRST(&si->si_snapshots) == ip) {
 		/*
 		 * If this is the first snapshot on this filesystem, put the
 		 * preliminary list in place and establish the cow handler.
 @@ -366,28 +362,26 @@ out:
+	}
 	if (error) {
 		fs->fs_snapinum[snaploc] = 0;
 	} else {
 		/*
 		 * As this is the newest list, it is the most inclusive, so
 		 * should replace the previous list.
 		 */
 		si->si_snapblklist = ip->i_snapblklist;
+	}
 	si->si_gen++;
 	mutex_exit(&si->si_lock);
 	if (snapshot_locked)
 		mutex_exit(&si->si_snaplock);
 	if (suspended) {
 		vfs_resume(vp->v_mount);
 #ifdef DEBUG
 		getmicrotime(&endtime);
 		timersub(&endtime, &starttime, &endtime);
 		printf("%s: suspended %lld.%03d sec, redo %d of %d\n",
 		    mp->mnt_stat.f_mntonname, (long long)endtime.tv_sec,
 		    endtime.tv_usec / 1000, redo, fs->fs_ncg);
 #endif
+	}
 	if (error) {
 		if (!UFS_WAPBL_BEGIN(mp)) {
 			(void) ffs_truncate(vp, (off_t)0, 0, NOCRED);
 @@ -1344,101 +1338,102 @@ ffs_snapgone(struct inode *ip)
  * Prepare a snapshot file for being removed.
  */
 void
 ffs_snapremove(struct vnode *vp)
+{
 	struct inode *ip = VTOI(vp), *xp;
 	struct vnode *devvp = ip->i_devvp;
 	struct fs *fs = ip->i_fs;
 	struct mount *mp = devvp->v_specmountpoint;
 	struct buf *ibp;
 	struct snap_info *si;
 	struct lwp *l = curlwp;
 	daddr_t numblks, blkno, dblk;
-	int error, loc, last, n;
+	int error, loc, last;
 	const int wbreak = blocks_in_journal(fs)/8;
 	si = VFSTOUFS(mp)->um_snapinfo;
 	/*
 	 * If active, delete from incore list (this snapshot may
 	 * already have been in the process of being deleted, so
 	 * would not have been active).
+	 *
 	 * Clear copy-on-write flag if last snapshot.
 	 */
 	mutex_enter(&si->si_snaplock);
 	mutex_enter(&si->si_lock);
 	if (is_active_snapshot(si, ip)) {
 		TAILQ_REMOVE(&si->si_snapshots, ip, i_nextsnap);
 		if (TAILQ_FIRST(&si->si_snapshots) != 0) {
 			/* Roll back the list of preallocated blocks. */
 			xp = TAILQ_LAST(&si->si_snapshots, inodelst);
 			si->si_snapblklist = xp->i_snapblklist;
 			si->si_gen++;
 			mutex_exit(&si->si_lock);
 			mutex_exit(&si->si_snaplock);
 		} else {
 			si->si_snapblklist = 0;
 			si->si_gen++;
 			mutex_exit(&si->si_lock);
 			mutex_exit(&si->si_snaplock);
 			fscow_disestablish(mp, ffs_copyonwrite, devvp);
+		}
 		if (ip->i_snapblklist != NULL) {
 			free(ip->i_snapblklist, M_UFSMNT);
 			ip->i_snapblklist = NULL;
+		}
-	} else
+	} else {
 		mutex_exit(&si->si_lock);
 		mutex_exit(&si->si_snaplock);
+	}
 	/*
 	 * Clear all BLK_NOCOPY fields. Pass any block claims to other
 	 * snapshots that want them (see ffs_snapblkfree below).
 	 */
 	for (blkno = 1; blkno < NDADDR; blkno++) {
 		dblk = db_get(ip, blkno);
 		if (dblk == BLK_NOCOPY || dblk == BLK_SNAP)
 			db_assign(ip, blkno, 0);
 		else if ((dblk == blkstofrags(fs, blkno) &&
 		     ffs_snapblkfree(fs, ip->i_devvp, dblk, fs->fs_bsize,
 		     ip->i_number))) {
 			DIP_ADD(ip, blocks, -btodb(fs->fs_bsize));
 			db_assign(ip, blkno, 0);
+		}
+	}
 	numblks = howmany(ip->i_size, fs->fs_bsize);
-	for (blkno = NDADDR, n = 0; blkno < numblks; blkno += NINDIR(fs)) {
+	for (blkno = NDADDR; blkno < numblks; blkno += NINDIR(fs)) {
 		error = ffs_balloc(vp, lblktosize(fs, (off_t)blkno),
 		    fs->fs_bsize, l->l_cred, B_METAONLY, &ibp);
 		if (error)
 			continue;
 		if (fs->fs_size - blkno > NINDIR(fs))
 			last = NINDIR(fs);
 		else
 			last = fs->fs_size - blkno;
 		for (loc = 0; loc < last; loc++) {
 			if (wbreak > 0 && (++n % wbreak) == 0) {
 				UFS_WAPBL_END(mp);
 				error = UFS_WAPBL_BEGIN(mp);
 				if (error)
 					panic("UFS_WAPBL_BEGIN failed");
 			dblk = idb_get(ip, ibp->b_data, loc);
 			if (dblk == BLK_NOCOPY || dblk == BLK_SNAP)
 				idb_assign(ip, ibp->b_data, loc, 0);
 			else if (dblk == blkstofrags(fs, blkno) &&
 			    ffs_snapblkfree(fs, ip->i_devvp, dblk,
 			    fs->fs_bsize, ip->i_number)) {
 				DIP_ADD(ip, blocks, -btodb(fs->fs_bsize));
 				idb_assign(ip, ibp->b_data, loc, 0);
+			}
+		}
 		bawrite(ibp);
 		UFS_WAPBL_END(mp);
 		error = UFS_WAPBL_BEGIN(mp);
 		KASSERT(error == 0);
+	}
 	/*
 	 * Clear snapshot flag and drop reference.
 	 */
 	ip->i_flags &= ~SF_SNAPSHOT;
 	DIP_ASSIGN(ip, flags, ip->i_flags);
 	ip->i_flag |= IN_CHANGE | IN_UPDATE;
+}
 /*
  * Notification that a block is being freed. Return zero if the free
  * should be allowed to proceed. Return non-zero if the snapshot file
  * wants to claim the block. The block will be claimed if it is an
 @@ -1459,45 +1454,38 @@ ffs_snapremove(struct vnode *vp)
 int
 ffs_snapblkfree(struct fs *fs, struct vnode *devvp, daddr_t bno,
     long size, ino_t inum)
+{
 	struct mount *mp = devvp->v_specmountpoint;
 	struct buf *ibp;
 	struct inode *ip;
 	struct vnode *vp = NULL;
 	struct snap_info *si;
 	void *saved_data = NULL;
 	daddr_t lbn;
 	daddr_t blkno;
 	uint32_t gen;
-	int indiroff = 0, snapshot_locked = 0, error = 0, claimedblk = 0;
+	int indiroff = 0, error = 0, claimedblk = 0;
 	si = VFSTOUFS(mp)->um_snapinfo;
 	lbn = fragstoblks(fs, bno);
 	mutex_enter(&si->si_snaplock);
 	mutex_enter(&si->si_lock);
 	si->si_owner = curlwp;
 retry:
 	gen = si->si_gen;
 	TAILQ_FOREACH(ip, &si->si_snapshots, i_nextsnap) {
 		vp = ITOV(ip);
 		if (snapshot_locked == 0) {
 			if (!mutex_tryenter(&si->si_snaplock)) {
 				mutex_exit(&si->si_lock);
 				mutex_enter(&si->si_snaplock);
 				mutex_enter(&si->si_lock);
 			snapshot_locked = 1;
 			if (gen != si->si_gen)
 				goto retry;
 		/*
 		 * Lookup block being written.
 		 */
 		if (lbn < NDADDR) {
 			blkno = db_get(ip, lbn);
 		} else {
 			mutex_exit(&si->si_lock);
 			error = ffs_balloc(vp, lblktosize(fs, (off_t)lbn),
 			    fs->fs_bsize, FSCRED, B_METAONLY, &ibp);
 			if (error) {
 				mutex_enter(&si->si_lock);
 				break;
+			}
 @@ -1574,26 +1562,29 @@ retry:
 			} else {
 				idb_assign(ip, ibp->b_data, indiroff, bno);
 				if (ip->i_nlink > 0)
 					bwrite(ibp);
 				else
 					bdwrite(ibp);
+			}
 			DIP_ADD(ip, blocks, btodb(size));
 			ip->i_flag |= IN_CHANGE | IN_UPDATE;
 			if (ip->i_nlink > 0 && mp->mnt_wapbl)
 				error = syncsnap(vp);
 			else
 				error = 0;
 			mutex_enter(&si->si_lock);
 			si->si_owner = NULL;
 			mutex_exit(&si->si_lock);
 			mutex_exit(&si->si_snaplock);
 			return (error == 0);
+		}
 		if (lbn >= NDADDR)
 			brelse(ibp, 0);
 #ifdef DEBUG
 		if (snapdebug)
 			printf("%s%llu lbn %" PRId64 " %s %llu size %ld\n",
 			    "Copyonremove: snapino ",
 			    (unsigned long long)ip->i_number,
 			    lbn, "for inum", (unsigned long long)inum, size);
 #endif
 		/*
 @@ -1613,37 +1604,37 @@ retry:
 				mutex_enter(&si->si_lock);
 				break;
+			}
+		}
 		error = wrsnapblk(vp, saved_data, lbn);
 		if (error == 0 && ip->i_nlink > 0 && mp->mnt_wapbl)
 			error = syncsnap(vp);
 		mutex_enter(&si->si_lock);
 		if (error)
 			break;
 		if (gen != si->si_gen)
 			goto retry;
+	}
 	si->si_owner = NULL;
 	mutex_exit(&si->si_lock);
 	mutex_exit(&si->si_snaplock);
 	if (saved_data)
 		free(saved_data, M_UFSMNT);
 	/*
 	 * If we have been unable to allocate a block in which to do
 	 * the copy, then return non-zero so that the fragment will
 	 * not be freed. Although space will be lost, the snapshot
 	 * will stay consistent.
 	 */
 	if (snapshot_locked)
 		mutex_exit(&si->si_snaplock);
 	return (error);
+}
 /*
  * Associate snapshot files when mounting.
  */
 void
 ffs_snapshot_mount(struct mount *mp)
+{
 	struct vnode *devvp = VFSTOUFS(mp)->um_devvp;
 	struct fs *fs = VFSTOUFS(mp)->um_fs;
 	struct lwp *l = curlwp;
 	struct vnode *vp;
 @@ -1836,26 +1827,35 @@ ffs_copyonwrite(void *v, struct buf *bp,
 			break;
 		if (snapblklist[mid] < lbn)
 			lower = mid + 1;
 		else
 			upper = mid - 1;
+	}
 	if (lower <= upper) {
 		mutex_exit(&si->si_lock);
 		return 0;
+	}
 	/*
 	 * Not in the precomputed list, so check the snapshots.
 	 */
 	 if (si->si_owner != curlwp) {
 		if (!mutex_tryenter(&si->si_snaplock)) {
 			mutex_exit(&si->si_lock);
 			mutex_enter(&si->si_snaplock);
 			mutex_enter(&si->si_lock);
+		}
 		si->si_owner = curlwp;
 		snapshot_locked = 1;
+	 }
 	 if (data_valid && bp->b_bcount == fs->fs_bsize)
 		saved_data = bp->b_data;
 retry:
 	gen = si->si_gen;
 	TAILQ_FOREACH(ip, &si->si_snapshots, i_nextsnap) {
 		vp = ITOV(ip);
 		/*
 		 * We ensure that everything of our own that needs to be
 		 * copied will be done at the time that ffs_snapshot is
 		 * called. Thus we can skip the check here which can
 		 * deadlock in doing the lookup in ffs_balloc.
 		 */
 		if (bp->b_vp == vp)
 @@ -1876,54 +1876,28 @@ retry:
 				goto retry;
+		}
 #ifdef DIAGNOSTIC
 		if (blkno == BLK_SNAP && bp->b_lblkno >= 0)
 			panic("ffs_copyonwrite: bad copy block");
 #endif
 		if (blkno != 0)
 			continue;
 		if (curlwp == uvm.pagedaemon_lwp) {
 			error = ENOMEM;
 			break;
+		}
 		/* Only one level of recursion allowed. */
-		if (snapshot_locked == 0) {
+		KASSERT(snapshot_locked);
 			if (!mutex_tryenter(&si->si_snaplock)) {
 				mutex_exit(&si->si_lock);
 				mutex_enter(&si->si_snaplock);
 				mutex_enter(&si->si_lock);
 			snapshot_locked = 1;
 			if (gen != si->si_gen)
 				goto retry;
 			/* Check again if block still needs to be copied */
 			if (lbn < NDADDR) {
 				blkno = db_get(ip, lbn);
 			} else {
 				mutex_exit(&si->si_lock);
 				if ((error = snapblkaddr(vp, lbn, &blkno)) != 0) {
 					mutex_enter(&si->si_lock);
 					break;
 				mutex_enter(&si->si_lock);
 				if (gen != si->si_gen)
 					goto retry;
 			if (blkno != 0)
 				continue;
 		/*
 		 * Allocate the block into which to do the copy. Since
 		 * multiple processes may all try to copy the same block,
 		 * we have to recheck our need to do a copy if we sleep
 		 * waiting for the lock.
+		 *
 		 * Because all snapshots on a filesystem share a single
 		 * lock, we ensure that we will never be in competition
 		 * with another process to allocate a block.
 		 */
 #ifdef DEBUG
 		if (snapdebug) {
 			printf("Copyonwrite: snapino %llu lbn %" PRId64 " for ",
 @@ -1958,31 +1932,34 @@ retry:
 		if (error == 0 && ip->i_nlink > 0 && mp->mnt_wapbl)
 			error = syncsnap(vp);
 		mutex_enter(&si->si_lock);
 		if (error)
 			break;
 		if (gen != si->si_gen)
 			goto retry;
+	}
 	/*
 	 * Note that we need to synchronously write snapshots that
 	 * have not been unlinked, and hence will be visible after
 	 * a crash, to ensure their integrity.
 	 */
-	mutex_exit(&si->si_lock);
+	if (snapshot_locked) {
 		si->si_owner = NULL;
 		mutex_exit(&si->si_lock);
 		mutex_exit(&si->si_snaplock);
 	} else
 		mutex_exit(&si->si_lock);
 	if (saved_data && saved_data != bp->b_data)
 		free(saved_data, M_UFSMNT);
 	if (snapshot_locked)
 		mutex_exit(&si->si_snaplock);
 	return error;
+}
 /*
  * Read from a snapshot.
  */
 int
 ffs_snapshot_read(struct vnode *vp, struct uio *uio, int ioflag)
+{
 	struct inode *ip = VTOI(vp);
 	struct fs *fs = ip->i_fs;
 	struct snap_info *si = VFSTOUFS(vp->v_mount)->um_snapinfo;
 	struct buf *bp;