Just to have some closure on this, we have identified the problem here and it impacts a lot of minifilters. The problem is that SQL Server 2005 and 2008 call the backup APIs with asynchronous handles, which is not supported. Filter manager can under certain circumstances return STATUS_PENDING in cases where the file system would complete the operation synchronously and as such can expose this problem more often.
Upon further investigation we have found a lot of questions about this behavior, especially related to AV products and so we have asked the SQL Server team to write a KB article on this to explain the impact of this behavior on SQL Server. You can find the article here:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;970878
Regards,
Alex.
This posting is provided “AS IS” with no warranties, and confers no rights.
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Sarosh Havewala
Sent: Monday, March 16, 2009 12:12 PM
To: Windows File Systems Devs Interest List
Subject: Re:[ntfsd] SQL Server, Procmon and a minfilter
Vitaly,
Can you send me the output of ‘fltmc’ indicating what filters are attached to the volume when the error occurs?
Also can you trace into the file system calls issued by BackupSeek() and tell me which one failed and with what status?
Regards,
Sarosh.
File System Filter Lead
Microsoft Corp
This posting is provided “AS IS” with no warranties, and confers no Rights
Vitaly Vatnikov wrote:
Hi,
Sorry for the strange title, but I’m experiencing an error condition
which seems to involve the 3 mentioned components. Whenever I start
the SQL Server service (e.g. mssql$sqlexpress) while the Procmon.exe
is running I get an error like this in the application event log:FCB::RemoveAlternateStreams: Operating system error (null) occurred
while creating or opening file ‘c:\Program Files (x86)\Microsoft SQL
Server\MSSQL.1\MSSQL\DATA\master.mdf’. Diagnose and correct the
operating system error, and retry the operation.This error is flagged for all the SQL database files (.mdf). If I
restart the service without Procmon running, everything goes cleanly,
no errors. This happens consistently on both Windows 2003 and 2008. On
a Windows 2003 box, I tried to run with the old good Filemon instead,
and the error did not occur. IIRC, the Filemon uses the legacy fs
filter and the Procmon does the same thing with a minifilter. It seems
the sqlservr process stumbles on a BackupSeek() call, which returns an
error with the monitoring minifilter (PROCMON20) and works cleanly without it.I’m running into the same problem with my own minifilter as well. I’m
wondering if someone experienced similar behavior or can comment on that.Thanks,
- Vitaly
NTFSD is sponsored by OSR
For our schedule of debugging and file system seminars (including our new fs mini-filter seminar) visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer