[PATCH] ocfs2: add journal NULL check in ocfs2_checkpoint_inode()

Next message: Mario Limonciello: "Re: [PATCH V1] accel/amdxdna: Return errors for failed debug BO commands"
Previous message: Greg Ungerer: "Re: [PATCH v3 03/11] m68k: mcf5441x: initialize DAC clocks by iio DAC driver name"
Next in thread: Heming Zhao: "Re: [PATCH] ocfs2: add journal NULL check in ocfs2_checkpoint_inode()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Joseph Qi

Date: Sun May 31 2026 - 09:23:48 EST

During unmount, ocfs2_journal_shutdown() frees the journal and sets
osb->journal to NULL. Later, when VFS evicts remaining cached inodes,
ocfs2_evict_inode() -> ocfs2_clear_inode() -> ocfs2_checkpoint_inode()
-> ocfs2_ci_fully_checkpointed() dereferences osb->journal, causing a
NULL pointer dereference.

Fix this by adding a NULL check for osb->journal in
ocfs2_checkpoint_inode(). If the journal is NULL, it has already been
fully flushed and destroyed during shutdown, so there is nothing to
checkpoint.

Reported-by: Farhad Alemi <farhad.alemi@xxxxxxxxxxxx>
Fixes: da5e7c87827e ("ocfs2: cleanup journal init and shutdown")
Signed-off-by: Joseph Qi <joseph.qi@xxxxxxxxxxxxxxxxx>
Tested-by: Farhad Alemi <farhad.alemi@xxxxxxxxxxxx>
---
fs/ocfs2/journal.h | 3 +++
1 file changed, 3 insertions(+)

diff --git a/fs/ocfs2/journal.h b/fs/ocfs2/journal.h
index 6397170f302f..f8b3b2a3d630 100644
--- a/fs/ocfs2/journal.h
+++ b/fs/ocfs2/journal.h
@@ -196,6 +196,9 @@ static inline void ocfs2_checkpoint_inode(struct inode *inode)
if (ocfs2_mount_local(osb))
return;

+ if (!osb->journal)
+ return;
+
if (!ocfs2_ci_fully_checkpointed(INODE_CACHE(inode))) {
/* WARNING: This only kicks off a single
* checkpoint. If someone races you and adds more
--
2.39.3