Data Center Security (DCS) AIX Kernel Panic When vnode is Deallocated Prematurely

Article ID: 428921

Products

Data Center Security Server Advanced

Issue/Introduction

An AIX kernel panic occurs due to a Time-of-Check-to-Time-of-Use (TOCTOU) race condition in which the operating system frees a vnode related to an NFS mount after our driver has checked it but before the driver has finished using it. When our driver's operation resumes, it accesses this now-invalid memory pointer, leading to a kernel panic.

Environment

Crash verified on DCS AIX v6.9.0.476

Resolution

Fixed in v6.9.0.479

The fix in the agent is to ensure the “sisfim” driver explicitly holds a reference to the vnode before performing operations that might be interrupted and releases it afterwards, making the operation atomic.
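
The hold-before-use pattern described above, shown as an added user-space model; this is not the sisfim driver's code. The struct, the function names and the single-threaded "interruption" are assumptions made for illustration, and the model flags the stale access instead of dereferencing freed memory.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model of a reference-counted vnode (all names are hypothetical). */
struct vnode_model {
    int  refcount;  /* number of holders that still need the object */
    bool freed;     /* set where a kernel would return the memory */
};
enum op_result { OP_OK = 0, OP_STALE_VNODE = -1 };

static void vn_hold(struct vnode_model *vp) { vp->refcount++; }
static void vn_rele(struct vnode_model *vp)
{
    if (--vp->refcount == 0)
        vp->freed = true;   /* last reference dropped: object is gone */
}

/* Models the OS dropping its reference while the driver is interrupted. */
static void os_release(struct vnode_model *vp) { vn_rele(vp); }

/* Before: check, get interrupted, then use without owning a reference. */
static enum op_result op_unheld(struct vnode_model *vp)
{
    if (vp->freed) return OP_STALE_VNODE;   /* time of check */
    os_release(vp);                         /* race window */
    /* time of use: a real kernel would touch freed memory here */
    return vp->freed ? OP_STALE_VNODE : OP_OK;
}

/* After: take a reference first, so the OS release cannot be the last one. */
static enum op_result op_held(struct vnode_model *vp)
{
    if (vp->freed) return OP_STALE_VNODE;
    vn_hold(vp);            /* must happen while vp is still known valid */
    os_release(vp);         /* same interruption as above */
    enum op_result r = vp->freed ? OP_STALE_VNODE : OP_OK;
    vn_rele(vp);            /* the driver's own release may now free it */
    return r;
}

int main(void)
{
    struct vnode_model a = { 1, false }, b = { 1, false };
    int unheld = op_unheld(&a);
    int held = op_held(&b);
    printf("unheld: %d, held: %d, freed after held op: %d\n",
           unheld, held, b.freed);
    return 0;
}
```

In the held case the vnode is still freed, but only when the driver drops its own reference after the operation has completed.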