Re: [PATCH v5 1/2] jbd2: gracefully abort instead of panicking on unlocked buffer
From: Milos Nikic
Date: Mon Mar 23 2026 - 17:50:49 EST
Hello,
Just sending a gentle ping on this v5 series from March 4th.
It looks like both patches have collected Reviewed-by tags from Jan,
Andreas and Zhang.
Please let me know if there is anything else you need from my side, or
if this is good to be queued up in the ext4 tree for the next merge
window.
Thanks, Milos
On Wed, Mar 4, 2026 at 9:20 AM Milos Nikic <nikic.milos@xxxxxxxxx> wrote:
>
> In jbd2_journal_get_create_access(), if the caller passes an unlocked
> buffer, the code currently triggers a fatal J_ASSERT.
>
> While an unlocked buffer here is a clear API violation and a bug in the
> caller, crashing the entire system is an overly severe response. It brings
> down the whole machine for a localized filesystem inconsistency.
>
> Replace the J_ASSERT with a WARN_ON_ONCE to capture the offending caller's
> stack trace, and return an error (-EINVAL). This allows the journal to
> gracefully abort the transaction, protecting data integrity without
> causing a kernel panic.
>
> Signed-off-by: Milos Nikic <nikic.milos@xxxxxxxxx>
> Reviewed-by: Zhang Yi <yi.zhang@xxxxxxxxxx>
> Reviewed-by: Jan Kara <jack@xxxxxxx>
> Reviewed-by: Andreas Dilger <adilger@xxxxxxxxx>
> ---
> fs/jbd2/transaction.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/fs/jbd2/transaction.c b/fs/jbd2/transaction.c
> index dca4b5d8aaaa..04d17a5f2a82 100644
> --- a/fs/jbd2/transaction.c
> +++ b/fs/jbd2/transaction.c
> @@ -1302,7 +1302,12 @@ int jbd2_journal_get_create_access(handle_t *handle, struct buffer_head *bh)
> goto out;
> }
>
> - J_ASSERT_JH(jh, buffer_locked(jh2bh(jh)));
> + if (WARN_ON_ONCE(!buffer_locked(jh2bh(jh)))) {
> + err = -EINVAL;
> + spin_unlock(&jh->b_state_lock);
> + jbd2_journal_abort(journal, err);
> + goto out;
> + }
>
> if (jh->b_transaction == NULL) {
> /*
> --
> 2.53.0
>