hammer2 - Add emergency mode to allow recovery of ENOSPC edge cases

hammer2 - Add emergency mode to allow recovery of ENOSPC edge cases

* Because HAMMER2 is a copy-on-write filesystem, even 'rm' operations
  require block allocations.  H2 gives 'rm' operations extra reserve
  but it is still relatively easy to get into a situation where the
  normal copy-on-write allocation fails and the filesystem gets stuck
  in a ENOSPC situation that cannot be recovered from under normal
  operation.

  We add two directives, 'emergency-mode-enable' and
  'emergency-mode-disable' as a fail-safe to allow recovery of
  filesystems that have gotten into this situation.

* When this mode is enabled HAMMER2 will still attempt to use a
  copy-on-write operation for any blocks that might have been
  snapshotted.  However, any blocks which have not been snapshotted
  (or if the copy-on-write fails) will now be modified in-place,
  allowing chflags and rm operations to be run even when the filesystem
  is over-full.

  Such operation is fragile because the tree cannot be updated safely,
  so this mode can permanently destroy the filesystem if power is lost
  or a panic occurs during the file removal or chflags/chmod operations.
  Great care must be taken when using this mode.

  In addition, use of this mode will likely corrupt any snapshots sharing
  the same meta-data.  If you use this mode and have snapshots it is
  recommended that the snapshots be deleted.

* If you have to use this mode, be sure to disable it after the
  filesystem is operational again.

* The bulkfree scan now reports which PFS(es) a CRC failure occurs on.
  Bulkfree will attempt to alert the user as to which snapshots are
  corrupt, but it isn't perfect.