From bf95b7e8e5e7544a5048ed700fced44ba238d553 Mon Sep 17 00:00:00 2001 From: Timo Kreuzer Date: Tue, 7 Nov 2023 00:58:15 +0200 Subject: [PATCH] [NTOS:CC] Do not access VACB after decrementing it's reference count It might already be deleted by a different thread. --- ntoskrnl/cc/view.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/ntoskrnl/cc/view.c b/ntoskrnl/cc/view.c index efa4c8523d4..2a0590dba49 100644 --- a/ntoskrnl/cc/view.c +++ b/ntoskrnl/cc/view.c @@ -75,13 +75,16 @@ ULONG CcRosVacbIncRefCount_(PROS_VACB vacb, PCSTR file, INT line) ULONG CcRosVacbDecRefCount_(PROS_VACB vacb, PCSTR file, INT line) { ULONG Refs; + BOOLEAN VacbDirty = vacb->Dirty; + BOOLEAN VacbTrace = vacb->SharedCacheMap->Trace; + BOOLEAN VacbPageOut = vacb->PageOut; Refs = InterlockedDecrement((PLONG)&vacb->ReferenceCount); - ASSERT(!(Refs == 0 && vacb->Dirty)); - if (vacb->SharedCacheMap->Trace) + ASSERT(!(Refs == 0 && VacbDirty)); + if (VacbTrace) { DbgPrint("(%s:%i) VACB %p --RefCount=%lu, Dirty %u, PageOut %lu\n", - file, line, vacb, Refs, vacb->Dirty, vacb->PageOut); + file, line, vacb, Refs, VacbDirty, VacbPageOut); } if (Refs == 0)