The Question is:
Our database is currently self-serve user mode global sections accessed both
directly using pointers and via interface functions. We've sometimes had
corruption of the database because of a bug in a single task. We would like
to protect against that. One
alternative is to put the database in the private space of a database
server. Probably at the expense of speed. Another alternative is to put the
database in "system" space (not private, not public but protected).
Requiring access via sys$cm*(). Any comme
nts/suggestions/advise? New features that might be useful? In what other
space should we put it if any? How come there's no sys$cmsuper() - at least
not documented when there's sys$cmexec() and sys$cmkrnl()? Supervisor mode
seems like the least severe in
terms of invasion of system space.
The Answer is :
An appropriate approach would involve placing all routines with any
knowledge of the shared memory into a common shareable image, and
then debugging and maintaining and using this shareable image across
all images accessing the information in the shared memory. When
correctly architected, this approach also has the added advantage
of allowing other storage and retrieval mechanisms to be explorered
without requiring application modifications or even rebuilds.
Mapping the memory privately or in system space is certainly possible,
but no approach will avoid the possibility of corruption on access by
Failures in code using inner-mode memory protection mechanisms can also
result in process deletion or system crash -- if the existing code is
unreliable, then moving it to executive or kernel mode will tend to
exacerbate problems, not alleviate them.
Another existing mechanism that permits the use of shared memory with
a set of protections against structural corruptions, with correct
handling of memory barriers, with support for operation across nodes
within a cluster, and with full multi-process interlocking is RMS
(with global buffers enabled).
Also please see existing topics 1661, 2681, 2637, 3365, 3530, and 3635
for discussions relevent to shared memory.
As for your question on supervisor mode, the OpenVMS FAQ section MISC15
might be of interest.