Merge tag 'for-5.8-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux

		switch (tm->op) {

		case MOD_LOG_KEY_REMOVE_WHILE_FREEING:

			BUG_ON(tm->slot < n);

			/* Fallthrough */

			fallthrough;

		case MOD_LOG_KEY_REMOVE_WHILE_MOVING:

		case MOD_LOG_KEY_REMOVE:

			btrfs_set_node_key(eb, &tm->key, tm->slot);

		    !extent_buffer_uptodate(tree_root->node)) {

			handle_error = true;

			if (IS_ERR(tree_root->node))

			if (IS_ERR(tree_root->node)) {

				ret = PTR_ERR(tree_root->node);

			else if (!extent_buffer_uptodate(tree_root->node))

				tree_root->node = NULL;

			} else if (!extent_buffer_uptodate(tree_root->node)) {

				ret = -EUCLEAN;

			}

			btrfs_warn(fs_info, "failed to read tree root");

			continue;

static void check_buffer_tree_ref(struct extent_buffer *eb)

{

	int refs;

	/* the ref bit is tricky.  We have to make sure it is set

	 * if we have the buffer dirty.   Otherwise the

	 * code to free a buffer can end up dropping a dirty

	 * page

	/*

	 * The TREE_REF bit is first set when the extent_buffer is added

	 * to the radix tree. It is also reset, if unset, when a new reference

	 * is created by find_extent_buffer.

	 *

	 * Once the ref bit is set, it won't go away while the

	 * buffer is dirty or in writeback, and it also won't

	 * go away while we have the reference count on the

	 * eb bumped.

	 * It is only cleared in two cases: freeing the last non-tree

	 * reference to the extent_buffer when its STALE bit is set or

	 * calling releasepage when the tree reference is the only reference.

	 *

	 * We can't just set the ref bit without bumping the

	 * ref on the eb because free_extent_buffer might

	 * see the ref bit and try to clear it.  If this happens

	 * free_extent_buffer might end up dropping our original

	 * ref by mistake and freeing the page before we are able

	 * to add one more ref.

	 * In both cases, care is taken to ensure that the extent_buffer's

	 * pages are not under io. However, releasepage can be concurrently

	 * called with creating new references, which is prone to race

	 * conditions between the calls to check_buffer_tree_ref in those

	 * codepaths and clearing TREE_REF in try_release_extent_buffer.

	 *

	 * So bump the ref count first, then set the bit.  If someone

	 * beat us to it, drop the ref we added.

	 * The actual lifetime of the extent_buffer in the radix tree is

	 * adequately protected by the refcount, but the TREE_REF bit and

	 * its corresponding reference are not. To protect against this

	 * class of races, we call check_buffer_tree_ref from the codepaths

	 * which trigger io after they set eb->io_pages. Note that once io is

	 * initiated, TREE_REF can no longer be cleared, so that is the

	 * moment at which any such race is best fixed.

	 */

	refs = atomic_read(&eb->refs);

	if (refs >= 2 && test_bit(EXTENT_BUFFER_TREE_REF, &eb->bflags))

	clear_bit(EXTENT_BUFFER_READ_ERR, &eb->bflags);

	eb->read_mirror = 0;

	atomic_set(&eb->io_pages, num_reads);

	/*

	 * It is possible for releasepage to clear the TREE_REF bit before we

	 * set io_pages. See check_buffer_tree_ref for a more detailed comment.

	 */

	check_buffer_tree_ref(eb);

	for (i = 0; i < num_pages; i++) {

		page = eb->pages[i];

		switch (key.type) {

		case BTRFS_EXTENT_ITEM_KEY:

			*num_bytes = key.offset;

			/* fall through */

			fallthrough;

		case BTRFS_METADATA_ITEM_KEY:

			*bytenr = key.objectid;

			ret = process_extent_item(fs_info, path, &key, i,

		return false;

	}

	global_rsv->reserved -= ticket->bytes;

	remove_ticket(space_info, ticket);

	ticket->bytes = 0;

	list_del_init(&ticket->list);

	wake_up(&ticket->wait);

	space_info->tickets_id++;

	if (global_rsv->reserved < global_rsv->size)