FIX: You may experience heap corruption, and SQL Server 2000 may shut down with fatal access violations when you try to browse files in SQL Server 2000 Enterprise Manager on a Windows Server 2003 x64-based computer (916950)


The information in this article applies to:

  • Microsoft SQL Server 2000 Developer Edition
  • Microsoft SQL Server 2000 Enterprise Edition
  • Microsoft SQL Server 2000 Personal Edition
  • Microsoft SQL Server 2000 Standard Edition, when used with:
    • Microsoft Windows Server 2003, Standard x64 Edition
    • Microsoft Windows Server 2003, Enterprise x64 Edition
Bug: #40000113 (SQL Hotfix)
Microsoft distributes Microsoft SQL Server 2000 fixes as one downloadable file. Because the fixes are cumulative, each new release contains all the hotfixes and all the security fixes that were included with the previous SQL Server 2000 fix release.

SUMMARY

This article describes the following about this hotfix release:
  • The issues that are fixed by this hotfix package
  • The prerequisites for installing the hotfix package
  • Information about whether you must restart the computer after you install the hotfix package
  • Information about whether the hotfix package is replaced by any other hotfix package
  • Information about whether you must make any registry changes
  • The files that are contained in the hotfix package

SYMPTOMS

Consider the following scenario. Microsoft SQL Server 2000 Enterprise Manager is running on a Microsoft Windows Server 2003 x64 Edition-based computer. You try to browse files, and you click the ellipsis button (...) in any File dialog box in SQL Server 2000 Enterprise Manager. In this scenario, you may experience heap corruption, and SQL Server may shut down with fatal access violations.

Other threads or objects such as Microsoft Component Object Model (COM) objects may be loaded into SQL Server by using the sp_oacreate stored procedure. When this behavior occurs, OLEDB linked server providers that run in-process, SQL Mail, or SQLXML may also be affected and may cause the SQL Server process to shut down. Additionally, you may also experience this problem on clustered instances.

Notes
  • This problem only affects the 32-bit editions of SQL Server 2000 that run in the Windows on Windows 64 (WOW64) subsystem on Windows Server 2003 x64 editions.
  • This heap corruption problem does not affect any one of the SQL Server 2000 64-bit editions, such as those editions that run on IA-64 operating systems that use the Intel Itanium 2 architecture.
  • This problem does not affect 32-bit editions of SQL Server that are on the WOW64 subsystem on IA-64 operating systems.
  • This problem does not affect any editions of Microsoft SQL Server 2005.
This problem may occur because of the xp_availablemedia system extended stored procedure. When you click the ellipsis button (...) in the graphical user interface (GUI), the xp_availablemedia system extended stored procedure may be called to perform the file browse operation. In a clustered instance, Enterprise Manager calls the sp_MSSharedFixedDisk stored procedure, and the sp_MSSharedFixedDisk stored procedure calls the xp_availablemedia system extended stored procedure.

You may not notice the heap corruption until other threads use the default heap or until heap memory is freed. Any module that runs inside the Sqlservr.exe process can share the default heap in a process. Therefore, this kind of heap corruption can affect Xpstar.dll and other modules in which the xp_availablemedia system extended stored procedure is compiled.

For a list of all publicly released SQL Server 2000 Post-Service Pack hotfixes, see the following article in the Microsoft Knowledge Base:

894905 Cumulative list of the hotfixes that are available for SQL Server 2000 SP4

RESOLUTION

A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Only apply it to systems that are experiencing this specific problem. This hotfix may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next Microsoft SQL Server 2000 service pack that contains this hotfix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the hotfix. For a complete list of Microsoft Product Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

Prerequisites

You must have Microsoft SQL Server 2000 Service Pack 4 (SP4) installed to apply this hotfix.

For more information about how to obtain SQL Server Service Pack 4, click the following article number to view the article in the Microsoft Knowledge Base:

290211 How to obtain the latest SQL Server 2000 service pack

Restart information

You do not have to restart the computer after you apply the hotfix.

Registry information

You do not have to change the registry.

Hotfix file information

This hotfix contains only those files that are required to correct the issues that this article lists. This hotfix may not contain of all the files that you must have to fully update a product to the latest build.

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.SQL Server 2000 32-bit versions
File nameFile versionFile sizeDateTimePlatform
Dtsui.dll2000.80.2191.01,593,34427-Mar-200621:10x86
Impprov.dll2000.80.2191.0102,40027-Mar-200621:10x86
Msgprox.dll2000.80.2191.094,20827-Mar-200621:10x86
Msrpjt40.dll4.10.9424.0188,47324-Jan-200608:13x86
Mssdi98.dll8.11.50523.0239,10406-Jun-200522:46x86
Ntwdblib.dll2000.80.2191.0290,81627-Mar-200621:10x86
Odsole70.dll2000.80.2191.069,63227-Mar-200621:10x86
Osql.exe2000.80.2191.057,34427-Mar-200619:25x86
Pfclnt80.dll2000.80.2191.0430,08027-Mar-200621:10x86
Replmerg.exe2000.80.2191.0163,84027-Mar-200619:34x86
Replprov.dll2000.80.2191.0237,56827-Mar-200621:10x86
Replrec.dll2000.80.2191.0315,39227-Mar-200621:10x86
Replsub.dll2000.80.2191.0270,33627-Mar-200621:10x86
Semexec.dll2000.80.2191.0856,06427-Mar-200621:10x86
Sqlagent.exe2000.80.2191.0323,58427-Mar-200619:09x86
Sqldiag.exe2000.80.2191.0118,78427-Mar-200620:15x86
Sqldmo.dll2000.80.2191.04,362,24027-Mar-200621:10x86
Sqlfth75.dll2000.80.2191.0102,40027-Mar-200619:23x86
Sqlservr.exe2000.80.2191.09,162,75227-Mar-200621:10x86
Sqlsort.dll2000.80.2191.0589,82427-Mar-200621:11x86
Stardds.dll2000.80.2191.0176,12827-Mar-200621:11x86
Svrnetcn.dll2000.80.2191.0110,59227-Mar-200621:11x86
Ums.dll2000.80.2191.035,32827-Mar-200621:11x86
Xpstar.dll2000.80.2191.0311,29627-Mar-200621:11x86
SQL Server 2000 Itanium architecture version
File nameFile versionFile sizeDateTimePlatform
Impprov.dll2000.80.2191.0244,73627-Mar-200621:14IA-64
Msgprox.dll2000.80.2191.0188,41627-Mar-200621:16IA-64
Mssdi98.dll8.11.50523.0758,78406-Jun-200522:46IA-64
Odsole70.dll2000.80.2191.0150,52827-Mar-200621:13IA-64
Osql.exe2000.80.2191.0149,50427-Mar-200621:13IA-64
Pfclnt80.dll2000.80.2191.01,187,84027-Mar-200621:35IA-64
Replmerg.exe2000.80.2191.0375,29627-Mar-200621:17IA-64
Replprov.dll2000.80.2191.0538,62427-Mar-200621:20IA-64
Replrec.dll2000.80.2191.0775,16827-Mar-200621:19IA-64
Replsub.dll2000.80.2191.0641,02427-Mar-200621:21IA-64
Sqlagent.exe2000.80.2191.01,061,37627-Mar-200621:38IA-64
Sqldiag.exe2000.80.2191.0334,33627-Mar-200621:37IA-64
Sqldmo.dll2000.80.2191.013,860,35227-Mar-200621:42IA-64
Sqlfth75.dll2000.80.2191.0246,78427-Mar-200621:16IA-64
Sqlservr.exe2000.80.2191.024,973,31228-Mar-200602:22IA-64
Sqlsort.dll2000.80.2191.0617,47227-Mar-200619:09IA-64
Svrnetcn.dll2000.80.2191.0427,52027-Mar-200621:32IA-64
Xpstar.dll2000.80.2191.0873,47227-Mar-200621:41IA-64

WORKAROUND

To work around this problem, you may temporarily prevent the use of the xp_availablemedia system extended stored procedure. To do this, use the following code example.
use master
	go
	if exists (select * from master.dbo.sysobjects where name = N'xp_availablemedia' 
			and type = N'X')
	exec sp_dropextendedproc N'xp_availablemedia'
go
If you want to re-add the xp_availablemedia system extended stored procedure after you install the hotfix, use the following code example.
use master
	go
	sp_addextendedproc N'xp_availablemedia',N'xpstar.dll'
	go
If you remove the procedure, any call to the sp_MSSharedFixedDisk stored procedure fails, and any File dialog box in SQL Server 2000 Enterprise Manager does not appear. You do not receive an error message in DTS Designer. However, the File dialog boxes do not appear. After you remove the xp_availablemedia system extended stored procedure, you must manually type the file name or the folder location that you want. Also, after you remove the xp_availablemedia system extended stored procedure and you click the ellipsis button (...) in SQL Server 2000 Enterprise Manager, you receive the following error message in a Microsoft SQL-DMO (ODBC SQLState: 42000) dialog box:
Error 2812: Could not find stored procedure 'xp_availablemedia'.
Note The xp_availablemedia system extended stored procedure may be automatically re-added to the SQL Server when any one of the following conditions is true:
  • You restore the master database.
  • You rebuild the master database by using the Rebuildm.exe utility.
  • You install a service pack or a hotfix.

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

MORE INFORMATION

Typically, the ntdll!RtlpCoalesceFreeBlocks or ntdll!RtlFreeHeap functions are the functions that are victims at the top of the thread stack when heap corruption occurs in the default heap. However, these functions are not the only functions that this kind of heap corruption may affect. Therefore, the access violation thread stack for any victim may vary. Additionally, you cannot determine the cause of the heap corruption by examining the victim thread stack alone, and the root cause of the heap corruption may be caused by other factors that are not listed in this article.

For example, a call to the xp_availablemedia system extended stored procedure may resemble the following:
  • In SQL Server Enterprise Manager, you expand SQL Server, you expand Management, you right-click Backup, and then you click New Backup Device.
  • In the Backup Device Properties - New Device dialog box, you click the ellipsis button (...) next to File name to locate a device.
The xp_availablemedia system extended stored procedure may also be called programmatically by using SQL DMO. You call the EnumAvailableMedia method of a SQL Server DMO object together with a MediaType parameter value of SQLDMOMedia_All, SQLDMOMedia_Tape, or SQLDMOMedia_SharedFixedDisk. Regardless of how you use the procedure, the outcome may always be the same.

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Modification Type:MinorLast Reviewed:10/3/2006
Keywords:kbBug kbHotfixServer kbQFE KB916950 kbAudITPRO kbAudDeveloper
©2004 Microsoft Corporation. All rights reserved.