# Win 7 BSOD rdr_file_system



## ComradeHaz (Sep 24, 2009)

Hi all,

I have just acquired Win 7 x64 Pro, build 6400 from msdn having used the Beta and RC on this machine and in this set up before. I store all my files on a samba share, so the first thing I do on a new install is map to my share. On this build, though, as soon as I try to execute an install file from the network drive the system BSODs with the RDR_file_system error is thrown. The same thing happens if I point Firefox to my ff profile which is also stored on the network drive. 
I have attached all the dumps for your perusal. It seems to me this must be a bug in Windows as I have just reformatted and have nothing else installed. Any help on figuring out a workaround until Microsoft get enough reports of this to fix it would be greatly appreciated. 

All the best for now,
-Tom


----------



## DT Roberts (Jun 22, 2009)

First, there is no build 6400... You have build 7600 installed.


```
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 27, {baad0073, fffff880067a4ff8, fffff880067a4850, fffff88002c241af}

Probably caused by : rdbss.sys ( rdbss!RxCommonCreate+2df )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

RDR_FILE_SYSTEM (27)
    If you see RxExceptionFilter on the stack then the 2nd and 3rd parameters are the
    exception record and context record. Do a .cxr on the 3rd parameter and then kb to
    obtain a more informative stack trace.
    The high 16 bits of the first parameter is the RDBSS bugcheck code, which is defined
    as follows:
     RDBSS_BUG_CHECK_CACHESUP  = 0xca550000,
     RDBSS_BUG_CHECK_CLEANUP   = 0xc1ee0000,
     RDBSS_BUG_CHECK_CLOSE     = 0xc10e0000,
     RDBSS_BUG_CHECK_NTEXCEPT  = 0xbaad0000,
Arguments:
Arg1: 00000000baad0073
Arg2: fffff880067a4ff8
Arg3: fffff880067a4850
Arg4: fffff88002c241af

Debugging Details:
------------------


EXCEPTION_RECORD:  fffff880067a4ff8 -- (.exr 0xfffff880067a4ff8)
Cannot read Exception record @ fffff880067a4ff8

CONTEXT:  fffff880067a4850 -- (.cxr 0xfffff880067a4850)
rax=0000000000000000 rbx=00000000c0000016 rcx=fffff88002c1cac0
rdx=fffff8a007cf4fcc rsi=fffffa8005e8d770 rdi=fffffa80062c28c0
rip=fffff88002c241af rsp=fffff880067a5230 rbp=0000000000000001
 r8=0000000000000002  r9=fffff800027f9510 r10=0000000000000000
r11=fffff880067a4fd0 r12=fffff88002c1b110 r13=fffff88002c18aa0
r14=0000000000000004 r15=fffffa8005e8d7c8
iopl=0         nv up ei pl zr na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010246
rdbss!RxCommonCreate+0x2df:
fffff880`02c241af 488b4810        mov     rcx,qword ptr [rax+10h] ds:002b:00000000`00000010=????????????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  svchost.exe

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800028f30e0
 0000000000000000 

FOLLOWUP_IP: 
rdbss!RxCommonCreate+2df
fffff880`02c241af 488b4810        mov     rcx,qword ptr [rax+10h]

FAULTING_IP: 
+683a952f021edd74
00000000`00000000 ??              ???

FAILED_INSTRUCTION_ADDRESS: 
+683a952f021edd74
00000000`00000000 ??              ???

BUGCHECK_STR:  0x27

LAST_CONTROL_TRANSFER:  from 0000000000000000 to fffff88002c241af

STACK_TEXT:  
fffff880`067a5230 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : rdbss!RxCommonCreate+0x2df


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  rdbss!RxCommonCreate+2df

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: rdbss

IMAGE_NAME:  rdbss.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc219

STACK_COMMAND:  .cxr 0xfffff880067a4850 ; kb

FAILURE_BUCKET_ID:  X64_0x27_NULL_IP_rdbss!RxCommonCreate+2df

BUCKET_ID:  X64_0x27_NULL_IP_rdbss!RxCommonCreate+2df

Followup: MachineOwner
---------

0: kd> lmvm rdbss
start             end                 module name
fffff880`02c00000 fffff880`02c51000   rdbss      (pdb symbols)          c:\symcache\rdbss.pdb\5DF928E544DB4FB9B1D46D17261F3EEC2\rdbss.pdb
    Loaded symbol image file: rdbss.sys
    Mapped memory image file: C:\SymCache\rdbss.sys\4A5BC21951000\rdbss.sys
    Image path: \SystemRoot\system32\DRIVERS\rdbss.sys
    Image name: rdbss.sys
    Timestamp:        Mon Jul 13 19:24:09 2009 (4A5BC219)
    CheckSum:         0005B02F
    ImageSize:        00051000
    File version:     6.1.7600.16385
    Product version:  6.1.7600.16385
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        3.7 Driver
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     rdbss.sys
    OriginalFilename: RDBSS.Sys
    ProductVersion:   6.1.7600.16385
    FileVersion:      6.1.7600.16385 (win7_rtm.090713-1255)
    FileDescription:  Redirected Drive Buffering SubSystem Driver
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
```


```
Event[91]:
  Log Name: System
  Source: Microsoft-Windows-WER-SystemErrorReporting
  Date: 2009-09-24T11:59:50.000
  Event ID: 1001
  Task: N/A
  Level: Error
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: persephone
  Description: 
The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000027 (0x00000000baad0073, 0xfffff880067a4ff8, 0xfffff880067a4850, 0xfffff88002c241af). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 092409-16093-01.
```
First, try going to an elevated command prompt ("*Start*>type *cmd*>right-click>*Run as administrator*)and run the command *sfc /scannow*. Let us know the results.


----------



## ComradeHaz (Sep 24, 2009)

Was just about to update my post actually....


InfalliblexOne said:


> First, there is no build 6400... You have build 7600 installed.


Indeed, have no idea what came over me!

It turns out I have been victim to the "making a couple of changes at similar times and thus misdiagnosing" mallarchy;
First of all, the above problem *does* exist in the release candidate of Win 7 x64, despite me implying in my previous post it did not. 
Second, the issue only exists if the samba share being accessed requires authentication. 

I will swap the drives back over and run the sfc scan now and will post the results shortly or in the morning depending on how long it looks like it's going to take.

Thanks for your reply, 
- Tom


----------



## DT Roberts (Jun 22, 2009)

ComradeHaz said:


> Was just about to update my post actually....
> 
> Indeed, have no idea what came over me!
> 
> ...


Don't worry about it, there's no better way to learn than screwing things up. That's where all of my computer knowledge comes from :laugh:

The *sfc /scannow* can take quite a while. But, it sounds like this samba share...thing might not be fully compatible with Windows 7 yet. We'll leave that as a possibility.

Thanks for the quick reply.


----------



## ComradeHaz (Sep 24, 2009)

Yeah, knowing the issue lies within the authentication protocols reminded me of an issue vista has. I think this sums it up reasonably well and is the first thing googling found. So I guess looking at what Win 7 does with these protocols would be a good place to start.

Scanning underway...

-Tom


----------



## ComradeHaz (Sep 24, 2009)

Scan only took a couple of minutes, found no integrity violations. Sadly, though, it doesn't scan network drives, even if I point it at a specific file....

-Tom


----------



## sargue (Oct 30, 2009)

Same problem here. Just installed Windows 7 Pro 64 bits (fresh install) and as I hook up my samba share and start accessing files I got the same STOP 0x00000027, RDR_FILE_SYSTEM, rdbss.sys BSOD. Sometimes I can be using the share for a couple of hours and sometimes it crashes just as I login. Weird.

Googling it I've found some people who have fixed it updating networking drivers or uninstalling the antivirus. I was using the free MS Security Essentials. I've uninstalled it. Upgraded the networking drivers in my Asus P7P55D. No luck.


----------



## sargue (Oct 30, 2009)

I think I've found the solution.

See this forum post: http://www.sevenforums.com/crashes-...connected-linux-samba-share-2.html#post353759


----------

