--- x/fs/reiserfs/ioctl.c
+++ y/fs/reiserfs/ioctl.c
@@ -78,6 +78,9 @@ long reiserfs_ioctl(struct file *filp, u
 struct inode *inode = file_inode(filp);
 int err = 0;
+ err = mnt_want_write_file(filp);
+ if (err)
+ return err;
 reiserfs_write_lock(inode->i_sb);
 switch (cmd) {
@@ -100,23 +103,19 @@ long reiserfs_ioctl(struct file *filp, u
 err = -EPERM;
 break;
 }
- err = mnt_want_write_file(filp);
- if (err)
- break;
 if (get_user(inode->i_generation, (int __user *)arg)) {
 err = -EFAULT;
- goto setversion_out;
+ break;
 }
 inode->i_ctime = current_time(inode);
 mark_inode_dirty(inode);
-setversion_out:
- mnt_drop_write_file(filp);
 break;
 default:
 err = -ENOTTY;
 }
 reiserfs_write_unlock(inode->i_sb);
+ mnt_drop_write_file(filp);
 return err;
 }
--- x/fs/reiserfs/namei.c
+++ y/fs/reiserfs/namei.c
@@ -658,6 +658,12 @@ static int reiserfs_create(struct user_n
 jbegin_count += retval;
 reiserfs_write_lock(dir->i_sb);
+ if (WARN_ONCE(jbegin_count > SB_JOURNAL(dir->i_sb)->j_trans_max,
+ "%s() jbegin_count %d > SB_JOURNAL(dir->i_sb)->j_trans_max %u\n",
+ __func__, jbegin_count, SB_JOURNAL(dir->i_sb)->j_trans_max)) {
+ retval = -EINVAL;
+ goto out_failed;
+ }
 retval = journal_begin(&th, dir->i_sb, jbegin_count);
 if (retval) {
 drop_new_inode(inode);
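Review bot: In the first ioctl.c hunk, `mnt_want_write_file(filp)` now runs at the top of `reiserfs_ioctl()` for every `cmd`. Commands that only read state, and unknown commands that should reach `default:` and return `-ENOTTY`, will therefore fail on a read-only mount and presumably wait on a frozen filesystem. Taking write access before `reiserfs_write_lock()` is what corrects the ordering, and it does not have to be unconditional: decide from `cmd` before the lock, and drop write access at the tail (second hunk) only when it was taken. Most of the switch body lies outside the hunks, so which commands besides the set-version case modify the inode needs checking against the full function.

```c
	/* Write access only for modifying commands, still taken before the write lock. */
	const bool need_write = (cmd == REISERFS_IOC_SETVERSION);

	if (need_write) {
		err = mnt_want_write_file(filp);
		if (err)
			return err;
	}
	reiserfs_write_lock(inode->i_sb);
	/* … unchanged: switch (cmd) … */
	reiserfs_write_unlock(inode->i_sb);
	if (need_write)
		mnt_drop_write_file(filp);
	return err;
```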
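Review bot: In the second ioctl.c hunk, `get_user(inode->i_generation, (int __user *)arg)` still copies straight into the live inode field. get_user() zeroes its destination when the copy faults, so the `-EFAULT` path can leave `i_generation` reset in memory without `mark_inode_dirty()` being reached. Read into a local first: `int gen;`, then `if (get_user(gen, (int __user *)arg)) {`, and assign `inode->i_generation = gen;` only after the copy succeeded. With a local, the user copy could also move ahead of `reiserfs_write_lock()`, so a user page fault is not taken while the lock is held; whether that matters for this lock is not visible from the hunk.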
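Review bot: In the namei.c hunk, the new `WARN_ONCE` branch in `reiserfs_create()` jumps to `out_failed` without calling `drop_new_inode(inode)`, while the `journal_begin()` failure branch directly below it drops the inode first. Unless `out_failed` (outside the hunk) releases it, the freshly allocated inode is leaked on this path; add `drop_new_inode(inode);` before `goto out_failed;`. Separately, if `j_trans_max` comes from on-disk journal parameters, this warning may be reachable from a malformed image and would halt systems running with `panic_on_warn`. In that case, a plain error return with a log message is the safer way to reject the request. The function body continues past the end of the hunk.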