You may experience performance and consistency issues with SQL Server when certain modules are loaded into SQL Server address space

Article ID: 2033238 - View products that this article applies to.
Expand all | Collapse all

SYMPTOMS

You may encounter the following symptoms when certain modules are loaded into the SQL Server process address space [sqlservr.exe]
  • Reporting of various hang related error messages and conditions [SQL Server scheduler messages like 17883, Application time-out messages, severe blocking within SQL Server.
  • Very slow response from SQL Server even when the concurrent amount of load is not unusually heavy.
  • Exceptions (like Access Violation), critical error messages about database consistency, assertion messages or unexpected process termination.
Back to the top | Give Feedback

CAUSE

Applications installed on a SQL Server computer can load certain modules into the SQL Server process [sqlservr.exe]. This may be done to achieve a specific business logic requirement, an enhanced functionality or for intrusion monitoring. These modules might perform unsupported activities that include detouring key Win32 API’s and SQL Server routines and calling risky API’s. In addition there could be some inherent problems within these modules that may lead to corruption of various memory structures that are key for the SQL Server process to function properly. Alll these factors can lead to various problems that are discussed in the Symptoms section of this article.
Back to the top | Give Feedback

RESOLUTION

Following is a general approach that you can use to resolve these situations in your environment:
  1. Identify the module that is loaded into the SQL Server process and is causing the problem
  2. Perform the following actions for the module in question:
    1. Configure the application or software in such a way that it does not load the specific module into the SQL Server process.
    2. Contact the vendor of the module or application software, check for updates and apply them if available.
    3. In some rare situations, it may be necessary to remove the module and its associated software to bring back stability to the SQL Server process and the system.
      Warning This workaround may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.
In some instances, it may be necessary to perform all of the above actions.
Back to the top | Give Feedback

MORE INFORMATION

Microsoft Customer Support and Services (CSS) team has identified the following modules that can cause the symptoms specified in this article. The list will be updated when new issues are found. This list is provided to help with the identification process mentioned earlier in the Resolution section of this article. Finding the problematic module typically involves collecting an iterative set of diagnostic and tracing data for the duration of the problem.

he following modules can cause performance and stability issues when they are loaded inside the SQL Server process:
  • ENTAPI.DLL
    ENTAPI.DLL is loaded into the SQL Server process if you install McAfee VirusScan Enterprise on a server running Microsoft SQL Server and configure this software to monitor SQL Server. When this module is loaded, important Win 32 API’s are also detoured inside the SQL Server process. If you observe that this module is loaded into SQL Server process, configure McAfee VirusScan Enterprise to exclude SQL Server [sqlservr.exe] from various advanced monitoring [like Buffer Overflow Protection].
  • HIPI.DLL
    HIPI.DLL is loaded into the SQL Server process if you install McAfee Host Intrusion Prevention software on the same system as SQL Server. If you observe that this module is loaded into SQL Server process, configure McAfee Host Intrusion Prevention to exclude SQL Server [sqlservr.exe] from its monitoring list.
  • SOPHOS_DETOURED.DLL and SOPHOS_DETOURED_x64.DLL
    SOPHOS_DETOURED.DLL is loaded into the SQL Server process if you install Sophos Antivirus program on a server that is running Microsoft SQL Server. If you observe that this module is loaded into SQL Server process, you can configure the AppInit_Dlls
    (http://www.sophos.com/support/knowledgebase/article/36501.html)
    registry key to avoid loading this module into SQL Server process.
  • PIOLEDB.DLL and PISDK.DLL
    These DLLs are loaded if you use the PI OLEDB provider to access data from a PI server or if you use extended stored procedures that use the PI SDK. If you notice that these modules are loaded into the SQL Server process, contact the vendor of these modules to configure the OLEDB provider as an out-of-process provider. This configuration helps to avoid the need to load these modules into the SQL Server process.
For more information about how to set exclusion policies for sqlservr.exe in the application software that is discussed earlier in this article, refer to the product manual or contact the software vendor.

SQL Server support policy:
The use of third-party detours or similar techniques is not supported in SQL Server
(http://support.microsoft.com/default.aspx?scid=kb;EN-US;920925)


For more information about the SQL Server process, click the following article numbers to view the articles in the Microsoft Knowledge Base:
198891
(http://support.microsoft.com/kb/906205/ )
How to run a DLL-based COM object outside the SQL Server process
243428
(http://support.microsoft.com/kb/243428/ )
How to move extended stored procedures out of process


The following table provides more information about the products or tools that automatically check for this condition in your instance of SQL Server and in the versions of SQL Server against which the rule is evaluated.
Collapse this tableExpand this table
Rule SoftwareRule TitleRule DescriptionProduct versions against which the rule is evaluated
System Center Advisor


Modules loaded in SQL Server that can cause server stability problemsSystem Center Advisor determines whether the list of DLLs mentioned in this article is loaded into the SQL Server process. Review the information that is provided in the “Information Collected” section of the advisor alert, and make the required configuration changes that are discussed in the article.SQL Server 2008
SQL Server 2008 R2
SQL Server 2008 R2 Best Practice Analyzer (SQL Server 2008 R2 BPA)

Windows API calls intercepted





The SQL Server 2008 R2 Best Practice Analyzer (SQL Server 2008 R2 BPA) provides a rule to detect the modules to support Buffer Overflow Protection that are loaded inside SQL Server. If you run the BPA tool, and you receive a Warning message that is titled "Engine - Windows API calls intercepted", the modules to support Buffer Overflow Protection are loaded inside SQL Server. BPA detects this by looking for any modules that have a name that resembles "%entapi.dll%" as found in the sys.dm_os_loaded_modules Dynamic Management View (DMV).SQL Server 2008
SQL Server 2008 R2



SQL Server 2012 Best Practice Analyzer (SQL Server 2012 BPA)Windows API calls intercepted



The SQL Server 2012 BPA provides a rule to determine whether the list of DLLs mentioned in this article is loaded into the SQL Server process. If you run the BPA tool and you receive a Warning message that is titled "Engine - Windows API calls intercepted", review the information provided in “Issue” statement of the BPA and make the required configuration changes that are discussed in the article.SQL Server 2012





The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

The information and the solution in this document represents the current view of Microsoft Corporation on these issues as of the date of publication. This solution is available through Microsoft or through a third-party provider. Microsoft does not specifically recommend any third-party provider or third-party solution that this article might describe. There might also be other third-party providers or third-party solutions that this article does not describe. Because Microsoft must respond to changing market conditions, this information should not be interpreted to be a commitment by Microsoft. Microsoft cannot guarantee or endorse the accuracy of any information or of any solution that is presented by Microsoft or by any mentioned third-party provider.

Microsoft makes no warranties and excludes all representations, warranties, and conditions whether express, implied, or statutory. These include but are not limited to representations, warranties, or conditions of title, non-infringement, satisfactory condition, merchantability, and fitness for a particular purpose, with regard to any service, solution, product, or any other materials or information. In no event will Microsoft be liable for any third-party solution that this article mentions.
Back to the top | Give Feedback

Properties

Article ID: 2033238 - Last Review: April 2, 2012 - Revision: 4.0
APPLIES TO
  • Microsoft SQL Server 2005 Developer Edition
  • Microsoft SQL Server 2005 Enterprise Edition
  • Microsoft SQL Server 2005 Enterprise Edition for Itanium-based Systems
  • Microsoft SQL Server 2005 Enterprise X64 Edition
  • Microsoft SQL Server 2005 Express Edition
  • Microsoft SQL Server 2005 Express Edition with Advanced Services
  • Microsoft SQL Server 2005 Standard Edition
  • Microsoft SQL Server 2005 Standard X64 Edition
  • Microsoft SQL Server 2005 Workgroup Edition
  • Microsoft SQL Server 2008 Developer
  • Microsoft SQL Server 2008 Enterprise
  • Microsoft SQL Server 2008 Express
  • Microsoft SQL Server 2008 Express with Advanced Services
  • Microsoft SQL Server 2008 R2 Datacenter
  • Microsoft SQL Server 2008 R2 Developer
  • Microsoft SQL Server 2008 R2 Enterprise
  • Microsoft SQL Server 2008 R2 Express
  • Microsoft SQL Server 2008 R2 Express with Advanced Services
Keywords: 
KB2033238
Back to the top | Give Feedback

Give Feedback

 
Back to the topBack to the top