diff --git a/fs/f2fs/inode.c b/fs/f2fs/inode.c
index 713747aff06caa6799c10b948e9efe4cdc1a4ebc..e12c207d7aeb76e62ba483ca295797e66d41d639 100644
--- a/fs/f2fs/inode.c
+++ b/fs/f2fs/inode.c
@@ -938,8 +938,12 @@ void f2fs_evict_inode(struct inode *inode)
 if (likely(!f2fs_cp_error(sbi) &&
 !is_sbi_flag_set(sbi, SBI_CP_DISABLED)))
 f2fs_bug_on(sbi, is_inode_flag_set(inode, FI_DIRTY_INODE));
- else
- f2fs_inode_synced(inode);
+
+ /*
+ * anyway, it needs to remove the inode from sbi->inode_list[DIRTY_META]
+ * list to avoid UAF in f2fs_sync_inode_meta() during checkpoint.
+ */
+ f2fs_inode_synced(inode);
 
 /* for the case f2fs_new_inode() was failed, .i_ino is zero, skip it */
 if (inode->i_ino)
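Review bot: The new comment above `f2fs_inode_synced(inode)` says the removal is needed "anyway" but does not say why an inode can still be on `sbi->inode_list[DIRTY_META]` in the healthy-checkpoint branch, which is the case this change exists for. As far as I know `f2fs_bug_on()` only warns unless CONFIG_F2FS_CHECK_FS is set, so execution continues past it with FI_DIRTY_INODE still set. The comment should state that, e.g. `/* f2fs_bug_on() may only warn: always unlink the inode from sbi->inode_list[DIRTY_META] so checkpoint cannot reach a freed inode in f2fs_sync_inode_meta() */`. The call now runs on every eviction, so it relies on `f2fs_inode_synced()` returning early for an inode that is not dirty; that function is outside this hunk and worth confirming. `f2fs_evict_inode()` starts and ends outside the hunk.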