https://git.reactos.org/?p=reactos.git;a=commitdiff;h=fcf83315dccd67cd9636f… commit fcf83315dccd67cd9636f9ae08868104a420a3dd Author: Pierre Schweitzer <pierre(a)reactos.org> AuthorDate: Fri Apr 27 10:23:06 2018 +0200 Commit: Pierre Schweitzer <pierre(a)reactos.org> CommitDate: Fri Apr 27 10:23:06 2018 +0200 [NTOSKRNL] Noisily dereference mapped VACB on cache release. It seems that on process killing, some VACB may be deleted while still mapped. With current reference counting, they will actually not be deleted, but leaked, and an ASSERT will be triggered. CORE-14578 --- ntoskrnl/cc/view.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ntoskrnl/cc/view.c b/ntoskrnl/cc/view.c index bd2f4887d4..081d881d15 100644 --- a/ntoskrnl/cc/view.c +++ b/ntoskrnl/cc/view.c @@ -1106,6 +1106,12 @@ CcRosDeleteFileCache ( KeReleaseSpinLock(&SharedCacheMap->CacheMapLock, oldIrql); DPRINT1("Freeing dirty VACB\n"); } + if (current->MappedCount != 0) + { + current->MappedCount = 0; + NT_VERIFY(CcRosVacbDecRefCount(current) > 0); + DPRINT1("Freeing mapped VACB\n"); + } InsertHeadList(&FreeList, &current->CacheMapVacbListEntry); KeAcquireSpinLock(&SharedCacheMap->CacheMapLock, &oldIrql);