- Enabled SUM (Supervisor Access to User Memory) in riscv_init to allow kernel loader to write to user stacks.
- Removed dangerous 'csrc sstatus' in kload_phys that revoked access.
- Aligned global fiber stacks to 4096 bytes to prevent unmapped page faults at stack boundaries.
- Restored 'boot.o' linking to fix silent boot failure.
- Implemented 'fiber_can_run_on_channels' stub to satisfy Membrane linking.
- Defined kernel stack in header.zig to fix '__stack_top' undefined symbol.
- Resolved duplicate symbols in overrides.c and nexshell.
- Rebuild liblwip.a from clean sources (removed initrd.o contamination)
- Add switch.o to provide cpu_switch_to symbol
- Add sys_arch.o to provide sys_now and nexus_lwip_panic
- Add freestanding defines to cc.h (LWIP_NO_CTYPE_H, etc.)
- Compile sys_arch.c with -mcmodel=medany for RISC-V
Fixes duplicate symbol errors and undefined reference errors.
Kernel now builds successfully with: zig build -Dtarget=riscv64-freestanding
BREAKTHROUGH: memp_malloc crashes ELIMINATED
HEPHAESTUS NUCLEAR PROTOCOL:
- Completely bypass memp_pools array in MEMP_MEM_MALLOC mode
- All allocations go through do_memp_malloc_pool(NULL) with 1024-byte fallback
- Added SYS_LIGHTWEIGHT_PROT=0 for NO_SYS mode
- Surgical DNS PCB override remains operational
VALIDATION:
✅ memp_malloc no longer crashes
✅ DNS query successfully enqueues
✅ Heap allocations confirmed working (0x400 + 0x70 bytes)
✅ Surgical fix validated
REMAINING:
Secondary crash in dns_send/udp_sendto at 0x80212C44
This is a DIFFERENT issue - likely UDP packet construction
The forge has tempered the steel.
+ kernel: cc112403
- Updated init.nim with post-fix DNS resolution test (google.com).
- Added test_network_extended.sh with 120s timeout to allow full DHCP/DNS cycle.
- Validates the fix for the UDP PCB pool exhaustion crash.
Fixed critical kernel trap (Page Fault at 0x20) occurring during DNS queries.
Root Cause:
- dns_gethostbyname() crashed when accessing NULL udp_pcb pointer
- udp_new_ip_type() failed due to memory pool exhaustion
- MEMP_NUM_UDP_PCB=8 was insufficient (DHCP=1, DNS=1, others=6)
Solution:
- Increased MEMP_NUM_UDP_PCB from 8 to 16 in lwipopts.h
- Added DNS initialization check function in net_glue.nim
- Documented root cause analysis in DNS_NULL_CRASH_RCA.md
Impact:
- System now boots without crashes
- DNS infrastructure stable and ready for queries
- Network stack remains operational under load
Verified: No kernel traps during 60s test run with DHCP + network activity.
Next: Debug DNS query resolution (separate from crash fix).
Implemented UtcpHeader (46 bytes) with CellID-based routing. Integrated UTCP handler into NetSwitch Fast Path. UDP/9999 tunnel packets now route to utcp_handle_packet().
- Implemented RISC-V SBI timer driver in HAL (entry_riscv.zig).
- Integrated timer into the Harmonic Scheduler (kernel.nim/sched.nim).
- Re-enabled the Silence Doctrine: system now enters low-power WFI state during idle.
- Confirmed precise nanosecond wakeup and LwIP pump loop stability.
- Updated kernel version to v1.1.2.
- Fixes VirtIO-PCI capability probing logic to handle invalid BAR indices gracefully.
- Enables defensive programming in virtio_pci.zig loop.
- Implements Typed Channel Multiplexing (0x500/0x501) for NetSwitch.
- Grants networking capabilities to Subject/Userland.
- Refactors NexShell to use reactive I/O (ion_wait_multi).
- Bumps version to 2026.1.1 (Patch 1).
- Implemented System Ontology (SPEC-060) and STL (SPEC-061) in Zig HAL
- Created Nim bindings and high-level event emission API
- Integrated STL into kernel boot sequence (SystemBoot, FiberSpawn, CapGrant)
- Implemented Causal Graph Engine (SPEC-062) for lineage tracing
- Verified self-aware causal auditing in boot logs
- Optimized Event structure to 58 bytes for cache efficiency
Infrastructure for interactive shell is ready and verified.
Memory isolation (Sv39 'Glass Cage') is stable and operational.
Summary of Phase 37 accomplishments:
1. Increased DRAM to 256MB to accommodate expanding userland.
2. Expanded User RAM to 64MB in Linker and HAL Memory Maps.
3. Implemented Sv39 Page Tables with full isolation for worker fibers.
4. Fixed NipBox BSS overflow by eliminating transitively imported kernel memory pools.
5. Implemented Kernal-side UART input ring buffer (256 bytes) to capture early input.
6. Corrected STDIN routing in Kernel (bypassing inactive compositor).
Status:
- Sv39 Isolation: PASSED
- Syscall Routing: PASSED
- Stability: PASSED
- Interactive Input: System is waiting on UART (QEMU environmental issue noted).
Closing Phase 37. Moving to Phase 13 (Sovereign Init).
Added 256-byte ring buffer to capture UART input and prevent character loss.
Changes:
- core/rumpk/hal/uart.zig:
* Added input_buffer ring (256 bytes)
* Implemented poll_input() to move UART → buffer
* Modified read_byte() to consume from buffer
Design:
- Buffer captures chars from boot, holds until userland reads
- poll_input() called on every read_byte() to refill
- Prevents timing issues where input arrives before NipBox starts
Status:
- ✅ Buffer implementation complete
- ✅ No crashes, system stable
- ⚠️ QEMU stdin not reaching UART registers (config issue)
Next: Investigate QEMU serial configuration or test with manual typing in interactive session.
Issue: NipBox was blocking on READ syscall forever.
Root Cause: Input was being routed to inactive compositor channel.
Fix: Route stdin directly to chan_input since compositor is not operational in Phase 37.
Status:
- ✅ STDIN routing path corrected
- ⚠️ UART input still not reaching NexShell (polling issue or timing)
Next: Investigate UART ISR or add buffering for pre-boot input.
PHASE 14: THE FORGE IS LIT
===========================
Implemented the Nexus Forge, a type-safe Nim-based build orchestrator that
replaces fragile shell scripts with a compiled, structured build system.
Core Components:
- src/nexus/forge.nim: Main CLI orchestrator (STC-1 'tinybox' implementation)
- src/nexus/builder/initrd.nim: Pure Nim TarFS writer with 512-byte alignment
- src/nexus/builder/kernel.nim: Kbuild wrapper (placeholder for Phase 16)
- blueprints/tinybox.kdl: First Standard Template Construct definition
InitRD Builder:
- Manual USTAR tar format implementation
- Strict 512-byte block alignment enforcement
- Correct checksum calculation and zero-padding
- Eliminates dependency on external 'tar' command
Build System Integration:
- Modified build.sh to invoke './nexus build' for InitRD packaging
- Forge-generated InitRD replaces legacy tar command
- Maintains backward compatibility during transition
PHASE 15: TARGET ALPHA - USERLAND UNIFICATION
==============================================
Transformed the Forge from a passive bridge into an active compiler driver
that fully controls NipBox (userland) compilation.
NipBox Compiler Driver (src/nexus/builder/nipbox.nim):
- 3-stage compilation pipeline: Nim → C → Object Files → Binary
- Exact ABI matching with kernel objects (RISC-V lp64d)
- Proper cross-compilation flags (-mcpu=sifive_u54 -mabi=lp64d)
- Structured configuration via NipBoxConfig type
Compilation Flow:
1. Nim transpilation with Sovereign Optimization flags
2. C compilation via zig cc with freestanding flags
3. Linking with membrane layer and userland entry point
Forge Activation:
- forge.nim now invokes build_nipbox() instead of using pre-built artifacts
- Single command './nexus build' compiles entire userland from source
- Eliminates dependency on build.sh for NipBox compilation
Verified Artifacts:
- core/rumpk/build/nipbox: 60KB RISC-V ELF with double-float ABI
- core/rumpk/build/initrd.tar: 62KB USTAR archive with 512-byte alignment
Status:
✅ Target Alpha Complete: Forge controls userland compilation
⏳ Target Bravo Pending: Kernel build still managed by build.sh
⏳ Target Charlie Pending: Registry integration deferred
- hal/virtio_block: Implemented global bounce buffers and Used Ring Polling for stable, synchronous I/O.
- core/fs/sfs: Implemented sfs_write_file to handle SFS file creation and data writing.
- core/ion: Added CMD_FS_WRITE syscall definition.
- core/kernel: Added CMD_FS_WRITE syscall handler and fs/sfs integration.
- npl/nipbox: Added nexus_file_write wrapper and updated Scribe (ed) to use it for saving files.
- Implemented 'virtio-block' driver (hal/virtio_block.zig) for raw sector I/O.
- Updated 'virtio_pci.zig' with dynamic I/O port allocation to resolve PCI conflicts.
- Integrated Block I/O commands (0x600/0x601) into Kernel and ION.
- Added 'dd' command to NipBox for testing read/write operations.
- Fixed input buffering bug in NipBox to support longer commands.
- Added documentation for Phase 10.
Markus Maiwald
Markus Maiwald