ECO NUMBER: VMS712_RMS-V0100 ----------- PRODUCT: OpenVMS Alpha Operating System -------- UPDATED PRODUCT: OpenVMS Alpha Operating System 7.1-2 ---------------- APPRX BLCK SIZE: 2960 ---------------- COVER LETTER 1 KIT NAME: VMS712_RMS-V0100. 2 KITS SUPERSEDED BY THIS KIT: None. 3 KIT DEPENDENCIES: 3.1 The following remedial kit(s) must be installed BEFORE installation of this, or any required kit: o VMS712_UPDATE-V0300 o VMS62TO71U2_PCSI-V0200 3.2 In order to receive all the corrections listed in this kit, the following remedial kits should also be installed: None. 4 KIT DESCRIPTION: 4.1 Version(s) of OpenVMS to which this kit may be applied: OpenVMS Alpha V7.1-2. 4.2 Files patched or replaced: o [SYS$LDR]RMS.EXE (new image) o [SYSLIB]SDARMS$SHARE.EXE (new image) o [SYS$LDR]DDIF$RMS_EXTENSION.EXE (new image) o [SYSLIB]CONVSHR.EXE (new image) o [SYSEXE]CONVERT.EXE (new image) o [SYSEXE]RECLAIM.EXE (new image) o [SYSEXE]FAL.EXE (new image) -- COVER LETTER -- Page 2 6 November 2000 o [SYS$LDR]RMSDEF.STB (new file) 5 PROBLEMS ADDRESSED IN VMS712_RMS-V0100 KIT o Fix to prevent an ACCVIO on a Put or update to an indexed file. A LDQ (load quad) instruction generated by the Bliss-64 compiler (default quadword alignment) may result in an attempt being made to read or write 4 bytes beyond the end of an RMS internal buffer which ends exactly on a page boundary with an adjacent inaccessible page. The process may either: o Terminate (if SYSGEN parameter BUGCHECKFATAL not enabled) with an access violation (ACCVIO); or o Crash the system (if BUGCHECKFATAL enabled) with a SSRVEXCEPT ACCVIO. There are too many variables (for example, bucket size, number of buffers, record location, number of keys) to predict in advance that a file is vulnerable to this problem. However, we do know that the right combination of conditions must be rare since the problem has been dormant for several releases. It was introduced with the conversion of several Bliss-32 RMS modules to Bliss-64 as part of the support for 64-bit addresses added to Alpha V7.0. o Mark the Buffer Descriptor as busy for asynch multistreamed block IO autoextends Performing multistreamed asynchronous Block IO to a sequential file could result in random data corruption and/or sporadic SS$_BADPARAM errors if an autoextend occurs. This fix is included in OpenVMS Alpha V7.2-1H1. o Fix for potential application (or system) hang associated with global buffer hashing interlock. This kit includes fixes for two problems with the global buffer hashing interlock implementation that have the potential of blocking the progress of other processes and thus inducing an application hang: o Close potential window when a process is deleted. Expand the interlocked instruction for one bit to include whole quadword so that modify of both interlock and pid gets done as an atomic operation. Otherwise, a process could be deleted after it had set the interlock but before its pid had been assigned, which could result in there being no way to detect that an interlock was held by a nonexistent -- COVER LETTER -- Page 3 6 November 2000 process. o Vary the timer delay before each retry for a process waiting for an interlock to be released. With sufficient contention, it was found that the system timer processing at IPL 8 could block progress for the process currently holding the interlock when expiration times were all restricted to 1 Msec. This fix is included in OpenVMS Alpha V7.2-1H1. o Correction for processes exiting with RMS IORNDN non-fatal bugcheck. Processes may disappear with RMS IORNDN non-fatal bugchecks when an EXIT is requested by an Executive-mode application (such as ACMS). This is a very small timing window, so processes with a large number of files increases the probability of the problem occurring. If the SYSGEN parameter BUGCHECKFATAL is not enabled, then the process will be terminated; if it is enabled, then the system will crash with a RMSBUG (R2=FFFFFFF0, IORNDN) bugcheck. This fix is included in OpenVMS Alpha V7.2-1H1. o FAL resource identifier file owner fix Creation of a file over the network into a directory owned by a resource identifier strips the high order 2 bits of the owner field, corrupting the ownership information. Checking the owner on the remote system will reveal a UIC looking value derived from the low order bits of the identifier. Directory commands to a remote system will also strip the high order 2 bits from a general identifier on the remote system, formatting the result in UIC format. The stripping of the high order 2 bits of the owner value may result in the following errors being returned to a non-privileged user performing a COPY/LOG to a remote directory owned by a resource identifier: %COPY-S-COPIED, {file spec.} copied to {remote file spec.} %COPY-E-CLOSEOUT, error closing {file specification} as output -RMS-E-PRV, insufficient privilege or file protection violation This fix is included in OpenVMS Alpha V7.2. o Support for SET RMS_DEFAULT /CONTENTION_POLICY to address locking fairness issues. The new Alpha global buffer read-mode lock support introduced in V7.2-1H1 is functionally compatible with both VAX and older Alpha releases. Operations in mixed clusters produce correct -- COVER LETTER -- Page 4 6 November 2000 results. However, there is a locking fairness issue that may arise with mixed cluster operations. In a mixed cluster environment with very high contention for specific buckets, it is possible for accesses to write-shared files on nodes using read-mode bucket locking to dominate access to a bucket. Nodes without this support might be unable to access the bucket for a protracted period of time. It is also possible to observe comparable behavior on all OpenVMS versions when dealing with accesses to write-shared files without global buffers enabled -- even on a standalone system. A similar fairness issue between lock conversions and new lock requests may be observed in which the new lock requests may remain ungranted for an extended period of time. This kit includes support in RMS for a new option to improve fairness under high contention conditions for write-shared files, but selecting this option may noticably increase locking overhead. The option may be set at a process or system level. Since many applications will never encounter this issue, the default system behavior leaves this option disabled. A future lock management enhancement should make this fairness workaround unnecessary for later releases. The option is controlled using the /CONTENTION_POLICY qualifier to the DCL command SET RMS_DEFAULT. The following are valid PROCESS keywords (/SYSTEM not specified): NEVER Never use the higher overhead option to improve fairness for any write-shared files accessed by this process; minimal overhead. SOMETIMES Use this option for fairer bucket access (but higher overhead) to any write-shared files with global buffers enabled that are accessed by this process. ALWAYS Use this option for fairer bucket access (but higher overhead) to all write-shared files accessed by this process. SYSTEM_DEFAULT (Default) Use system setting. Note that this keyword is disallowed with /SYSTEM. The following are valid SYSTEM keywords (/SYSTEM specified): NEVER (Default) Never use the higher overhead option to improve fairness -- COVER LETTER -- Page 5 6 November 2000 for any write-shared files accessed on the system; minimal overhead. SOMETIMES Use this option for fairer bucket access (but higher overhead) to any write-shared files with global buffers enabled that are accessed on the system. ALWAYS Use this option for fairer bucket access (but higher overhead) to all write-shared files accessed on the system. In addition to the RMS image, modifications to the following images are required: - [SYSEXE]SET.EXE - [SYSEXE]SHOW.EXE - [SYSMSG]CLIUTLMSG.EXE - replacement of modified SET.CLD in [SYSLIB]DCLTABLES.EXE These modified images are available in the VMS712_CLIU-V0100 kit. The interface to this new functionality is not available until this CLIUTL kit is installed. Until the CLIUTL TIMA kit is available and installed, the default of NEVER for the CONTENTION_POLICY option cannot be overriden. o Prevent callable CONVERT from producing ACCVIO on repeated calls. The CONVERT utility may return an access violation and/or sort_on errors when it is repeatedly invoked from within an application utilizing the callable interface. Additionally, an invalid file structure may be created when the callable interface is invoked repeatedly from within an application. This fix is included in OpenVMS Alpha V7.2-1H1. o Expand statistic display fields for Convert. The record count and/or bucket counts displayed by the statistics function and ^T function of Convert were previously limited to 8 digits. This resulted in a field of "*"s being displayed when greater than 8 digits were required for displaying. This fix is included in OpenVMS Alpha V7.2-1H1. -- COVER LETTER -- Page 6 6 November 2000 6 KIT INSTALLATION RATING: The following kit installation rating, based upon current CLD information, is provided to serve as a guide to which customers should apply this remedial kit. (Reference attached Disclaimer of Warranty and Limitation of Liability Statement) INSTALLATION RATING: 1 : To be installed by all customers. 7 INSTALLATION INSTRUCTIONS: Install this kit with the POLYCENTER Software installation utility by logging into the SYSTEM account, and typing the following at the DCL prompt: PRODUCT INSTALL VMS712_RMS /SOURCE=[location of Kit] The kit location may be a tape drive, CD, or a disk directory that contains the kit. Additional help on installing PCSI kits can be found by typing HELP PRODUCT INSTALL at the system prompt This kit requires a system reboot. Compaq strongly recommends that a reboot is performed immediately after kit installation to avoid system instability If you have other nodes in your OpenVMS cluster, they must also be rebooted in order to make use of the new image(s). If it is not possible or convenient to reboot the entire cluster at this time, a rolling re-boot may be performed. Copyright (c) Compaq Computer Corporation 2000. All Rights reserved. This software is proprietary to and embodies the confidential technology of Compaq Computer Corporation. Possession, use, or copying of this software and media is authorized only pursuant to a valid written license from Compaq or an authorized sublicensor. This ECO has not been through an exhaustive field test process. Due to the experimental stage of this ECO/workaround, Compaq makes no representations regarding its use or performance. The customer shall have the sole responsibility for adequate protection and back-up data used in conjunction with this ECO/workaround.