Hi All,
I am using FltGetDestinationFileNameInformation to get the FileName
information during rename. But i am consistently seeing the
RDR_FILE_SYSTEM(27)crash.
I believe, This issue has been discussed here earlier. But there was no
resolution in the discussion.
Does anyone knows what rule i am break or weather i can call
“FltGetDestinationFileNameInformation” during rename or not.
thanks in advance.
Here is the stack trace, File Object and Rename Information.
Original File Name:
“\TDCEN2V9.prod.travp.net\Ops_Sys\Ops_Sys_default\0077_PASD\inbound\FN{25220858-803B-42DE-BE9C-978EF5E7F21F}{B38B6CBF-1B3A-4C89-91A7-C35FE8DC08FE}”
Rename Information:
dt 0x8c0ca3b0 _FILE_RENAME_INFORMATION
vfiltr!_FILE_RENAME_INFORMATION
+0x000 ReplaceIfExists : 0 ‘’
+0x004 RootDirectory : (null)
+0x008 FileNameLength : 0x178
+0x00c FileName :
“??\UNC\prod.travp.net\ent_dfs\ent_apps\Filenet\DPPT\Ops_Sys\Ops_Sys_default
\0077_PASD\content\FN9\FN12\FN{25220858-803B-42DE-BE9C-978EF5E7F21F}{9FA50757
-90D8-4263-A629-53E5043B742A}-0.doc蟌ç¾FEå€ è·Ð³???”
File Object:
0: kd> dt 0x8d3913a0 _FILE_OBJECT
nt!_FILE_OBJECT
+0x000 Type : 5
+0x002 Size : 112
+0x004 DeviceObject : 0x90acf030 _DEVICE_OBJECT
+0x008 Vpb : (null)
+0x00c FsContext : 0xe4331008
+0x010 FsContext2 : 0xe23bfa00
+0x014 SectionObjectPointer : 0x8cb0f374 _SECTION_OBJECT_POINTERS
+0x018 PrivateCacheMap : (null)
+0x01c FinalStatus : 0
+0x020 RelatedFileObject : (null)
+0x024 LockOperation : 0 ‘’
+0x025 DeletePending : 0 ‘’
+0x026 ReadAccess : 0 ‘’
+0x027 WriteAccess : 0 ‘’
+0x028 DeleteAccess : 0x1 ‘’
+0x029 SharedRead : 0x1 ‘’
+0x02a SharedWrite : 0x1 ‘’
+0x02b SharedDelete : 0x1 ‘’
+0x02c Flags : 0x41002
+0x030 FileName : _UNICODE_STRING
“\TDCEN2V9.prod.travp.net\Ops_Sys\Ops_Sys_default\0077_PASD\inbound\FN{25220858-803B-42DE-BE9C-978EF5E7F21F}{B38B6CBF-1B3A-4C89-91A7-C35FE8DC08FE}”
+0x038 CurrentByteOffset : _LARGE_INTEGER 0x0
+0x040 Waiters : 0
+0x044 Busy : 1
+0x048 LastLock : (null)
+0x04c Lock : _KEVENT
+0x05c Event : _KEVENT
+0x06c CompletionContext : (null)
Stack Trace:
RDR_FILE_SYSTEM (27)
If you see RxExceptionFilter on the stack then the 2nd and 3rd
parameters are the
exception record and context record. Do a .cxr on the 3rd parameter
and then kb to
obtain a more informative stack trace.
The high 16 bits of the first parameter is the RDBSS bugcheck code,
which is defined
as follows:
RDBSS_BUG_CHECK_CACHESUP = 0xca550000,
RDBSS_BUG_CHECK_CLEANUP = 0xc1ee0000,
RDBSS_BUG_CHECK_CLOSE = 0xc10e0000,
RDBSS_BUG_CHECK_NTEXCEPT = 0xbaad0000,
Arguments:
Arg1: baad0080
Arg2: b609acb8
Arg3: b609a9b4
Arg4: b86f0b22
Debugging Details:
Page 7c9bb not present in the dump file. Type “.hh dbgerr004” for details
Page 27febb not present in the dump file. Type “.hh dbgerr004” for details
PEB is paged out (Peb.Ldr = 7ffd700c). Type “.hh dbgerr001” for details
PEB is paged out (Peb.Ldr = 7ffd700c). Type “.hh dbgerr001” for details
EXCEPTION_RECORD: b609acb8 – (.exr 0xffffffffb609acb8)
ExceptionAddress: b86f0b22 (rdbss!RxIsThisACscAgentOpen+0x00000038)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000000
Parameter[1]: 00000008
Attempt to read from address 00000008
CONTEXT: b609a9b4 – (.cxr 0xffffffffb609a9b4)
eax=00000000 ebx=b86f0b02 ecx=00000009 edx=00000000 esi=00000008
edi=b86f0b02
eip=b86f0b22 esp=b609ad80 ebp=b609ad90 iopl=0 nv up ei pl zr na
pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000
efl=00010246
rdbss!RxIsThisACscAgentOpen+0x38:
b86f0b22 f3a6 repe cmps byte ptr [esi],byte ptr es:[edi]
Resetting default scope
PROCESS_NAME: java.exe
CURRENT_IRQL: 0
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx
referenced memory at 0x%08lx. The memory could not be %s.
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx
referenced memory at 0x%08lx. The memory could not be %s.
EXCEPTION_PARAMETER1: 00000000
EXCEPTION_PARAMETER2: 00000008
READ_ADDRESS: 00000008
FOLLOWUP_IP:
rdbss!RxIsThisACscAgentOpen+38
b86f0b22 f3a6 repe cmps byte ptr [esi],byte ptr es:[edi]
FAULTING_IP:
rdbss!RxIsThisACscAgentOpen+38
b86f0b22 f3a6 repe cmps byte ptr [esi],byte ptr es:[edi]
BUGCHECK_STR: 0x27
DEFAULT_BUCKET_ID: NULL_CLASS_PTR_DEREFERENCE
LAST_CONTROL_TRANSFER: from b86fecf0 to b86f0b22
STACK_TEXT:
b609ad90 b86fecf0 8d376440 00000000 8c893da0
rdbss!RxIsThisACscAgentOpen+0x38
b609adb0 b86fb43b 00000000 b609ade0 b609adf0
rdbss!RxInitializeVNetRootParameters+0x282
b609ae18 b86fd63e 8e0df560 8c52d998 b609ae40
rdbss!RxFindOrConstructVirtualNetRoot+0xf6
b609ae50 b86fdb76 8d376440 8c52d998 8c927058
rdbss!RxCanonicalizeNameAndObtainNetRoot+0x1a2
b609aeb8 b86ee8d9 8d376440 8c52d998 8c927028 rdbss!RxCommonCreate+0x2c3
b609af48 b86fc9a2 b86f9028 8c52d998 8c927028 rdbss!RxFsdCommonDispatch+0x320
b609af68 b86a2a63 8ee11030 8c52d998 00000000 rdbss!RxFsdDispatch+0xd3
b609af88 8081df85 00000000 0152d998 8c52d998 mrxsmb!MRxSmbFsdDispatch+0x134
b609af9c f76e6b25 00000000 8c52d998 8c52da50 nt!IofCallDriver+0x45
b609afc0 f76f45de b609afe0 90605020 00000000
fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x20b
b609affc 8081df85 90605020 8c52d998 b609b11c fltmgr!FltpCreate+0x26a
b609b010 baee1203 b609b11c 8e2df680 8e2df6dc nt!IofCallDriver+0x45
WARNING: Stack unwind information not available. Following frames may be
wrong.
b609b050 baec417d b609b11c 8c52da74 907c7098
mfehidk!DEVICEDISPATCH::LowerDispatchPassThrough+0x51
b609b074 baec4f2d 00000002 8c52da74 8c927028 mfehidk+0x917d
b609b10c baee045b cccccccc 90bd0d28 908969a0 mfehidk+0x9f2d
b609b134 8081df85 908969a0 8c52d998 8c927028
mfehidk!DEVICEDISPATCH::DispatchPassThrough+0x48
b609b148 baf16bb7 8d929bc4 8d929bc0 00000000 nt!IofCallDriver+0x45
b609b17c baf172c9 8d929bc0 baf13188 8d929bc0 Mup!DnrRedirectFileOpen+0x443
b609b1dc baf16d1e 01929bc0 00f800c2 8c52da98 Mup!DnrNameResolve+0x52a
b609b20c baf156e8 8c74f090 8c52d998 90acf0e8
Mup!DnrStartNameResolution+0x28c
b609b27c baf15766 8c74f090 90acf030 8c52d998 Mup!DfsCommonCreate+0x237
b609b2c4 baf157be 90acf030 8c52d998 8c927028 Mup!DfsFsdCreate+0xde
b609b31c 8081df85 90acf030 8c52d998 8c52d998 Mup!MupCreate+0xbc
b609b330 808f904b b609b4d8 90acf018 00000000 nt!IofCallDriver+0x45
b609b418 80937a20 90acf030 00000000 8cb1cae0 nt!IopParseDevice+0xa35
b609b498 80933b54 00000000 b609b4d8 00000240 nt!ObpLookupObjectName+0x5b0
b609b4ec 808eaeff 00000000 00000000 09b56c00 nt!ObOpenObjectByName+0xea
b609b568 808ec210 8c9a57e8 00100000 b609b600 nt!IopCreateFile+0x447
b609b5b0 f76faa94 8c9a57e8 00100000 b609b600
nt!IoCreateFileSpecifyDeviceObjectHint+0x52
b609b658 f76fb1bb 00000000 00000000 e4281c80
fltmgr!FltpExpandFilePathWorker+0x118
b609b670 f76fb6e1 8c9a57a0 00000000 8c9a57a0 fltmgr!FltpExpandFilePath+0x19
b609b6a8 f76fb729 8c9a57a0 8c9a57a0 b609b7f8
fltmgr!FltpGetOpenedDestinationFileName+0x303
b609b6b8 f76fb8b5 8c9a57a0 f788f0f4 f789027c
fltmgr!FltpGetNormalizedDestinationFileName+0x13
b609b7f8 f787e719 90405008 8d3913a0 00000000
fltmgr!FltGetDestinationFileNameInformation+0x12b
b609b840 f787ee4f 8da2df5c 90405008 8d3913a0
vfiltr!GetParsedFileName+0x1a3
b609b870 f787f9c9 8da2df5c b6099000 904e5030
vfiltr!GetFileNameInformation+0xe3 b609b8a8 f7885dc3 8da2df5c b609b9b0
00000000 vfiltr!PopulateFileName+0xa5
b609b8e4 f7886086 8da2df5c b609b9b0 00000000 vfiltr!IsRenameAllowed+0x13b
b609b9f0 f76e5f2a 0009ba38 00000000 b609ba38
fltmgr!FltpPerformPreCallbacks+0x2d4
b609ba04 f76e68d2 b609ba38 00000000 90605020
fltmgr!FltpPassThroughInternal+0x32
b609ba20 f76e6ce3 b609ba00 00000000 90d35030 fltmgr!FltpPassThrough+0x1c2
b609ba50 8081df85 90605020 8c57ae48 b609bbfc fltmgr!FltpDispatch+0x10d
b609ba64 baee1203 8c57ae48 b609bbfc 00000000 nt!IofCallDriver+0x45
b609baa4 baec449e b609bbfc 8c57af24 907c7098
mfehidk!DEVICEDISPATCH::LowerDispatchPassThrough+0x51
b609bb50 baec4eed 00000002 8c57af24 8d3913a0 mfehidk+0x949e
b609bbec baee045b 55555555 90bd0d28 908969a0 mfehidk+0x9eed
b609bc14 8081df85 908969a0 8c57ae48 8c57af6c
mfehidk!DEVICEDISPATCH::DispatchPassThrough+0x48
b609bc28 baf23ac1 8c57af48 90bd0908 8c57ae48 nt!IofCallDriver+0x45
b609bc6c baf23bba 8d2233e8 8c57ae48 8c57af48
Mup!DfsCommonSetInformation+0xa3
b609bcac 8081df85 90acf030 8c57ae48 00000000 Mup!DfsFsdSetInformation+0x61
b609bcc0 808f115b b609bd64 5922fc94 808f0bbc nt!IofCallDriver+0x45
b609bd48 808897cc 00000c40 5922fccc 56581c60 nt!NtSetInformationFile+0x59f
b609bd48 7c82860c 00000c40 5922fccc 56581c60 nt!KiFastCallEntry+0xfc
5922fd2c 00000000 00000000 00000000 00000000 0x7c82860c