Pilot Change Log
Last edited by Levin on December 9, 1982 11:39 am
Last edited by Paul Rovner on February 17, 1983 1:48 pm
This is a log of all changes made to the Rubicon version of the Pilot Kernel.
30-Nov-81 12:49:04
Modules affected: MapLogImpl
The maplog implementation was completely rewritten to avoid any reference to
RuntimeInternal.CleanMapLog. This means the maplog is no longer a true log
but a data structure that encodes the entire history of VM mapping changes
since system startup.
14-Jan-82 16:45:02
Modules affected: SwapBufferImpl.
The swap buffer implementation originally allocated enough virtual memory to
span all of real memory. This seems OK in a machine where the ratio of virtual
memory size to real memory size is large, but for our Dorados at present, the
ratio is only 4. Furthermore, there is no absolute guarantee that a swap
buffer the size of real memory is sufficient to avoid deadlock, although the
probability of such a mishap is extremely low. I've arbitrarily reduced the
size of the swap buffer to 500 pages until I can figure out a more useful way
of choosing its size.
14-Jan-82 16:57:39
Modules affected: FrameImpl
The implementations of Runtime.GetBcdTime and GetBuildTime were changed to
ensure that they always return sensible times. For GetBuildTime the time
returned comes from the boot file header, which is set up by MakeBoot. For
GetBcdTime, if the bcd is in a file that appears to have a leader page, the
create time of the file is returned; otherwise, if the bcd is in the boot
file, then the build time of the boot file is returned; otherwise,
System.gmtEpoch is returned. This is something of a hack, but we probably
can't do much better until all bcds can be relied upon to contain create
dates. At present, bcds produced by the Cedar compiler and binder only
have functional time stamps.
4-Feb-82 10:35:59
Modules affected: SpaceImplB
MakeReadOnly and MakeWritable now accept a space which may be a subspace of a
mapped space (but not a swap unit). Previously, only mapped spaces were allowed.
The motivation for this change is to allow the loader, when it is filling in
code links, to enable writing only in the subspace that corresponds to the
module it is processing. This is more than just an aesthetic change, since the
loader formerly had to apply MakeWritable to the entire mapping space, and if
any subspaces of the mapping space were pinned, we would die in CachedRegions.Appy
with Bug[makeWritableButNotSwappable]. This change involved a change to the
code that joins transactions (the mapping space enters the transaction, not just
the subspace). I'm not very confident that I got this right, but no one uses
transactions anyway, particularly on code! It also involved using the writeProtected
bit in a non-mapped space (i.e., a subspace of a mapped one). It is possible for
some subspaces of a mapped space that claims to be writeProtected to be writable,
and vice versa. I don't think this will actually cause damage, although there
may be some error checks around that are not tight enough any more.
4-Feb-82 10:51:45
Modules affected: SpaceImplB
Remap now plays by the rules of the new maplog mechanism (see 30-Nov-81 12:49:04).
Formerly, it tried to optimize the calls on MapLog.WriteLog, reducing 2 calls to
1 in the normal case. Given the already high cost of Remap, the additional
complexity needed to support this in MapLogImpl seems unjustified. Remap now
calls MapLog.WriteLog twice in all cases, once for umapping, once for mapping.
4-Feb-82 11:47:42
Modules affected: MapLogImpl
The compression of the maplog now is careful to avoid any partial entries in
the log, since the debugger might get confused. During compression it is
frequently the case that two identical entries exist in the log, and the
debugger must be prepared for this (CoPilot is). As a result of this change,
the overwriting of an entry during compression appears atomic to the debugger,
even if a page fault occurs during the overwrite.
4-Feb-82 13:17:13
Modules affected: SpaceImplA
The powerOf2 alignment logic in SpaceImplA.CreateAny had an uninitialized variable,
causing it to give random results. It is now fixed.
4-Feb-82 13:27:46
Modules affected: STLeafImpl
The maximum number of pages that the space/region data base can occupy is now
250 (formerly 150).
12-Feb-82 18:13:11
Modules affected: MapLogImpl
The compression logic no longer loses the first entry in the maplog.
13-Feb-82 13:05:11
Modules affected: SpaceImplB
GetMappingSpaceDesc now passes correct argument to Hierarchy.GetDescriptor. So
does the code (presently never executed) in GetCopyInfo.
16-Feb-82 12:15:45
Modules affected: FrameImpl
ValidateGlobalFrame was getting an address fault if it was passed NIL. I changed
InGFT to skip GFT[0], which would match NIL!
16-Feb-82 17:44:12
Modules affected: SpaceImplA
SpecialSpace.MakeProcedureResident and MakeProcedureSwappable, as well as
SpaceExtras.ActivateProc and DeactivateProc now accept a nested procedure
(indirect control link) as their parameter. Formerly, only outer procedures
(procedure PrincOps.ControlLink) were permitted. Also, the procedures
SpecialSpace.MakeGlobalFrame{Resident|Swappable} now notice if the frame is
allocated in the frame heap and, if so, do nothing.
22-Mar-82 12:40:43
Modules affected: ColorDisplayImpl
ColorDisplayImpl is now a part of the UserTerminalDriver configuration.
23-Mar-82 15:55:50
Modules affected: FrameImpl
Runtime.GetBuildTime now returns truth even if we have been ether-booted. This
depends on a corresponding change in MakeBoot that writes the boot file's
creation time into PSB.PDA.available[3..4].
6-Apr-82 13:43:20
Modules affected: PilotControl
Map logging is now always enabled unless an explicit M switch is supplied at boot
time. Formerly, if no local debugger was found and R was not specified, the M
switch was implicitly set. This isn't necessary when the map log can be maintained
without consulting the debugger.
28-Apr-82 10:09:00
Modules affected: Control.config, FileMgr.config, Filer.config, Swapper.config,
Transactions.config, VMMgr.config, MesaRuntime.config, Misc.config,
UserTerminalDriver.config, DiskDrivers.config, Store.config,
UnpackedPilotKernel.config, UtilityStore.config, UnpackedUtilityPilotKernel.config
The Pilot and UtilityPilot kernels now export all interfaces (subconfigurations
have been changed appropriately).
June 1, 1982 2:26 pm
Modules affected: TransactionImpl, TransactionExtras, TransactionsPack.pack
In order to permit CedarSnapshot to deal with transactions properly, the TransactionExtras
interface has been created and small modifications to the top-level flow of control in
crash recovery have been made. Specifically, DoCrashRecovery now does the "meat" of
the crash recovery work, and RecoverTransactions does the one-time set-up required at
boot time. DoCrashRecovery is intended to be called at rollback time.
June 1, 1982 3:56 pm
Modules affected: FrameImpl
The format of the loadstate has changed to allow more bcds. The only piece of Pilot that
actually looks inside this is Runtime.GetBcdTime, which has been appropriately tweaked.
In the course of this change, the dependence of Runtime.GetBcdTime on BcdOps and
BcdDefs has been removed, and with it, the dependency of the entire Pilot Kernel on
bcd formats vanishes.
June 4, 1982 9:56 am
Modules affected: SpaceImplA
The computation in CreateAny to locate a region with suitable alignment was incorrect
and would not find certain regions that were acceptable. This induced excessive
fragmentation and spurious InsufficientSpace errors.
June 10, 1982 9:26 am
Modules affected: ColorDisplayImpl, ColorCursorImpl, UserTerminalDriver.config
ColorCursorImpl is a new part of the UserTerminalDriver configuration, jointly exporting
ColorDisplay with ColorDisplayImpl.
June 16, 1982 5:18 pm
Modules affected: PhysicalVolumeImpl, FloppyChannelImpl, SA800Impl
These modules collectively export PhysicalVolume.Handle. Since Taft wants to make a
change to FormatTridentImpl, which also exports this type, we must all use the same
compiler to avoid a spurious exported type clash. Thus, this is a recompilation of the
modules only to change the representation of the exported type information in the BCDs.
June 16, 1982 5:35 pm
Modules affected: PilotNub
WorryCallDebugger had to be changed because fixed frame procedures that are not
called as trap handlers don't have source and destination links put on the stack. It
therefore couldn't figure out where it was called from. Accordingly, we insert an
indirect link to force the links to be pushed onto the stack.
August 3, 1982 3:56 pm
Modules affected: CachedRegionImplB SwapBufferImpl ProjectionImpl SpaceImplB STLeafImpl VMMControl Processes UtilitySpaceImpl
Correct all remaining occurrences of x ~IN y to be ~(x IN y).
August 4, 1982 11:00 am
Modules affected: Everything (source changes in FilerTransferImpl, PageFaultImpl)
Complete recompilation to convert Pilot interfaces to new symbol table format.
August 18, 1982 3:46 pm
Modules affected: FrameImpl
GetBcdTime (and the whole Pilot kernel) no longer depend on the loadstate format.
August 25, 1982 9:01 am
Modules affected: SpecialSpace, SpaceImplA
CreateAligned now has an additional parameter to provide finer control of space alignment.
August 25, 1982 9:56 am
Modules affected: Full recompilation, with source changes in the following:
File, Inline, Process, Runtime, Space, System, Transaction, Volume,
FileImpl, FrameImpl, Processes, SpaceImplA, SystemImpl, TransactionImpl, TransactionStateImpl,
UtilitySpaceImpl, VolumeImpl
The heavily-used public interfaces are now SAFE, at least to the extent permitted by their
inherent semantics
August 25, 1982 9:58 am
Modules affected: Mopcodes
The compiler's version of Mopcodes is now part of Pilot. This is an upward-compatible change,
adding Cedar-specific opcodes.
August 26, 1982 11:26 am
Modules affected: Runtime, Traps
Runtime.BoundsFault and Runtime.PointerFault are now ERRORs.
August 27, 1982 9:42 am
Modules affected: MiscAlpha
New floating point operations, aFSQRT and aFSC, have been added.
August 27, 1982 11:44 am
Modules affected: PilotControl, Traps
The modules that run before the ProcessorHead is started must be compiled to use no
instructions that are not implemented in microcode. This requires the /-m switch.
September 8, 1982 12:55 pm
Modules affected: FrameImpl
ValidateFrame and ValidateGlobalFrame now avoid getting address faults within the monitor.
September 15, 1982 4:32 pm
Modules affected:
CachedRegionImplB, PageFault, PageFaultImpl, SpaceImplB, SwapperControl,
UtilitySpaceImpl, UtilityStore.config, VMMgr.config, VMMgrPack.pack, WriteFault
Address and non-transaction WriteProtect faults are now reported as signals in
the process that incurs them. The new interface WriteFault mirrors PageFault. The latter
has had names changed to permit the implementation of the fault processing to be done in
a single module (PageFaultImpl) without name conflicts.
October 25, 1982 1:20 pm
Modules affected: FrameImpl
EnterGlobalFrame now sets the gfi field of the frame it is given. This must be done while
the gftLock is held, since otherwise ValidateGlobalFrame may give incorrect results or collapse.
October 25, 1982 3:32 pm
Modules affected: SpaceImplB, UtilitySpaceImpl
The VMHelper and WriteProtect handlers no longer fork separate processes to report bad
situations (address fault or write protect fault). This relies on the relevant code in
PageFaultImpl being resident and not generating page faults (especially for the VMHelper).
October 26, 1982 9:44 am
Modules affected: SpaceImplA
GetWindow now returns an appropriate WindowOrigin if the space it is passed is a subspace
of a mapped space. Formerly, this case was defined to produce Error[noWindow]. This error
is still raised if the space is neither mapped nor a subspace of a mapped space.
November 11, 1982 3:01 pm
Modules affected: FileImpl
All FileCache operations are now invoked from within the volume access lock. This ensures
that the file cache always reflects the true state of the volume. Formerly, it was possible
for the FileHelper to sneak in after a FileCache.FlushFile but before the volume access lock
had been acquired, causing incorrect information to be left in the cache after a change to
some file (e.g., SetSize).
November 21, 1982 10:47 am
Modules affected: Signals, TemporarySignals (new)
A provisional informational signal mechanism is now available.
December 8, 1982 5:11 pm
Modules affected: FileImpl, FileCacheImpl
Changing the attributes of a file no longer produces an intermediate state where the file
does not appear in the file cache. Thus, KernelFile.MakeTemporary[<executing bootfile>]
now avoids a deadlock which would result if the supposedly pinned file cache entries were
flushed from the cache. This is what used to happen, and it was unnecessary, since all that
was really needed was a way to reset the relevant attribute information in the cache entry.
There is still a minor race in here -- see the comment in FileImpl.
December 8, 1982 9:57 pm
Modules affected: FrameImpl
ValidateGlobalFrame[NIL] no longer gives an address fault with the monitor lock held.
December 8, 1982 10:04 pm
Modules affected: PageFaultImpl
An address or write protect fault in a process with a dirty cleanup link now triggers a
world-swap rather than propagating a signal. This is to avoid subsequent collapse if, in
the process of handling the signal, some code executes a WAIT.
December 9, 1982 11:37 am
Modules affected: FileImpl
The return value of SetSizeInternal wasn't being initialized properly, due to a previous
erroneous edit (November 11, 1982 3:01 pm).
February 17, 1983 1:50 pm
Modules affected: FileCacheImpl, CachedSpaceImpl
I expanded three cache size limits, all commented with PDR in the above modules.
�Date�
Modules affected: �Modules�
�Change�
�Date�
Modules affected: �Modules�
�Change�