Issue: NipBox was blocking on READ syscall forever.
Root Cause: Input was being routed to inactive compositor channel.
Fix: Route stdin directly to chan_input since compositor is not operational in Phase 37.
Status:
- ✅ STDIN routing path corrected
- ⚠️ UART input still not reaching NexShell (polling issue or timing)
Next: Investigate UART ISR or add buffering for pre-boot input.
PHASE 14: THE FORGE IS LIT
===========================
Implemented the Nexus Forge, a type-safe Nim-based build orchestrator that
replaces fragile shell scripts with a compiled, structured build system.
Core Components:
- src/nexus/forge.nim: Main CLI orchestrator (STC-1 'tinybox' implementation)
- src/nexus/builder/initrd.nim: Pure Nim TarFS writer with 512-byte alignment
- src/nexus/builder/kernel.nim: Kbuild wrapper (placeholder for Phase 16)
- blueprints/tinybox.kdl: First Standard Template Construct definition
InitRD Builder:
- Manual USTAR tar format implementation
- Strict 512-byte block alignment enforcement
- Correct checksum calculation and zero-padding
- Eliminates dependency on external 'tar' command
Build System Integration:
- Modified build.sh to invoke './nexus build' for InitRD packaging
- Forge-generated InitRD replaces legacy tar command
- Maintains backward compatibility during transition
PHASE 15: TARGET ALPHA - USERLAND UNIFICATION
==============================================
Transformed the Forge from a passive bridge into an active compiler driver
that fully controls NipBox (userland) compilation.
NipBox Compiler Driver (src/nexus/builder/nipbox.nim):
- 3-stage compilation pipeline: Nim → C → Object Files → Binary
- Exact ABI matching with kernel objects (RISC-V lp64d)
- Proper cross-compilation flags (-mcpu=sifive_u54 -mabi=lp64d)
- Structured configuration via NipBoxConfig type
Compilation Flow:
1. Nim transpilation with Sovereign Optimization flags
2. C compilation via zig cc with freestanding flags
3. Linking with membrane layer and userland entry point
Forge Activation:
- forge.nim now invokes build_nipbox() instead of using pre-built artifacts
- Single command './nexus build' compiles entire userland from source
- Eliminates dependency on build.sh for NipBox compilation
Verified Artifacts:
- core/rumpk/build/nipbox: 60KB RISC-V ELF with double-float ABI
- core/rumpk/build/initrd.tar: 62KB USTAR archive with 512-byte alignment
Status:
✅ Target Alpha Complete: Forge controls userland compilation
⏳ Target Bravo Pending: Kernel build still managed by build.sh
⏳ Target Charlie Pending: Registry integration deferred
- hal/virtio_block: Implemented global bounce buffers and Used Ring Polling for stable, synchronous I/O.
- core/fs/sfs: Implemented sfs_write_file to handle SFS file creation and data writing.
- core/ion: Added CMD_FS_WRITE syscall definition.
- core/kernel: Added CMD_FS_WRITE syscall handler and fs/sfs integration.
- npl/nipbox: Added nexus_file_write wrapper and updated Scribe (ed) to use it for saving files.
- Implemented 'virtio-block' driver (hal/virtio_block.zig) for raw sector I/O.
- Updated 'virtio_pci.zig' with dynamic I/O port allocation to resolve PCI conflicts.
- Integrated Block I/O commands (0x600/0x601) into Kernel and ION.
- Added 'dd' command to NipBox for testing read/write operations.
- Fixed input buffering bug in NipBox to support longer commands.
- Added documentation for Phase 10.
- Resolved Sovereign Trap exit fault by refactoring kernel exit logic
- Implemented persistent Subject fiber with kload loop for clean respawns
- Fixed File not found loop by fixing initrd embedding with proper RISC-V ABI flags
- Eliminated 30KB truncation of initrd restoring full 80KB archive visibility
- Enhanced TarFS driver with robust path normalization
- Implemented exit syscall in libc_shim.zig with CMD_SYS_EXIT and nexus_yield
- Created hello.c and libnexus.h for userland testing
- Updated ion.nim and kernel.nim to handle CMD_SYS_EXEC and CMD_SYS_EXIT
- Ensured bin/nipbox is correctly copied to rootfs before packaging
- Improved NexShell signal integrity by consolidating ION packet transmission.
- Added 'ls' and enhanced 'matrix' control to NipBox (Sovereign Coreutils).
- Added emergency matrix override to NexShell kernel mode.
- Fixed 'command not found' errors caused by IPC fragmentation.
- Implemented Adaptive Governor 'Flood Control' Mode: Detects >80% ring load and forces context switch to ION Fiber.
- Created 'flood_ion.zig' payload to saturate ION rings.
- Achieved >1 Billion IOPS in 60s flood test with linear scaling.
- Drop Rate stabilized at ~0.4%, proving effective backpressure without starvation.
- System remained responsive; Watchdog did not fire (No Locking).
- Enabled -d:danger and -O3/LTO optimizations.
- Implemented Adaptive Governor (War Mode) in Kernel Scheduler to prioritize IO under load.
- Optimized ION Fiber to drain rings in batch mode.
- Created 'bench_ion.zig' for raw throughput measurement.
- Achieved 181 cycles/op (Batch Mode) vs 3300 cycles/op (Ping-Pong).
- Tuned Watchdog to avoid deadlock in cooperative benchmarking.
- Rumpk Core: Complete exorcism of LwIP/NET ghosts. Transitioned to ION nomenclature.
- ABI Sync: Synchronized Zig HAL and Nim Logic Ring Buffer layouts (u32 head/tail/mask).
- Invariant Shield: Hardened HAL pipes with handle-based validation and power-of-2 sync.
- Immune System: Verified Blink Recovery (Self-Healing) with updated ION Control Plane.
- NexShell: Major refactor of Command Plane for Sovereign Ring access.
- Architecture: Updated SPEC files and Doctrines (Silence, Hexagonal Sovereignty).
- Purge: Removed legacy rumk and nip artifacts for a clean substrate.
- Web: Updated landing page vision to match Rumpk v1.1 milestones.
- Implement Design by Contract in HAL and Kernel (Phase 2 Task 1)
- Add invariant checks to Sovereign Channels (pointer validation, bounds)
- Create invariant.nim for secure Logic-to-HAL transitions
- Codify Silence Doctrine in DOCTRINE.md and SPEC files
- Finalize Blink Recovery confirmation via Saboteur test
- Update SPEC-008, SPEC-009, SPEC-010, SPEC-011 with architectural refinements
- Sync Website vision with new technical milestones
- Implemented Sovereign Syscall Table at 0x801FFF00
- Added cooperative yielding (s_yield) for Guest/Kernel concurrency
- Initialized Guest RX Ring and flows in Kernel
- Bridged LwIP in Guest via net_glue and ion_client overrides
- Validated TCP handshake and data transmission (Subject Zero -> Host)
- Confirmed 'Hello from the Membrane!' via UART and Network
Added feature-colocated documentation for AI agent discoverability:
- core/README.md: L1 Nim logic overview
- hal/README.md: L0 Zig HAL overview, exported symbols
- boot/README.md: Linker scripts, memory layout
Panopticum Compliance: Each folder is now self-documenting.
TIME HAS BEEN INVENTED
======================
Rumpk now has cooperative multitasking with Fibers.
BOOT OUTPUT
-----------
[Fiber A] I am alive! Yielding to B...
[Fiber B] Hello from B! Yielding to A...
[Fiber A] I am back! Yielding to B...
[Fiber B] Returned! Yielding to A...
[Fiber A] Final return. Halting.
IMPLEMENTATION
--------------
hal/switch.S:
- ARM64 context switch (96-byte frame, 16-byte aligned)
- Saves x19-x28, x29 (FP), x30 (LR)
- Stack pointer swap between fibers
core/fiber.nim:
- FiberObject with state (sp, entry)
- fiber_trampoline() - entry point for new fibers
- init_fiber() - sets up initial stack frame
- switch() - cooperative yield to another fiber
BUILD FIXES
-----------
- Added -fno-sanitize=all to prevent ubsan interference
- Added --checks:off --assertions:off to Nim
- Fixed stack alignment (104 -> 96 bytes)
PHASES COMPLETED
----------------
✅ Phase 1: Documentation (SPEC-008/009/010)
✅ Phase 2: Pure Zig libc (Freestanding Doctrine)
✅ Phase 3: Cooperative Fibers (Ping Pong)
→ Phase 4: NPL loading + Ed25519
→ Phase 5: VisionFive 2 RISC-V
The unikernel can now multiplex execution.
POSIX threads are optional. We own the scheduler.
THE GHOST IN THE MACHINE IS EXORCISED
======================================
Rumpk now builds with ZERO C source files.
All libc functions are implemented in pure Zig.
WHAT CHANGED
------------
- NEW: hal/stubs.zig - Pure Zig libc implementation
- memcpy, memset, memmove, memcmp
- strlen, strcmp, strcpy
- malloc, free, realloc, calloc (bump allocator)
- printf, puts, putchar (route to UART)
- exit, abort (halt CPU)
- signal, raise (no-op stubs)
- REMOVED: core/cstubs.c dependency from build
- C code is now only Nim's generated IR
- UPDATED: kernel.nim
- Removed malloc/free/realloc exports
- Now imports from Zig stubs
- UPDATED: build.sh
- Compiles hal/stubs.zig separately
- Links stubs.o with hal.o and nimcache/*.o
DOCTRINE DOCUMENT
-----------------
- .agents/steering/FREESTANDING-DOCTRINE.md
- Codifies the 'Pure Zig ABI' principle
- Documents build requirements
- Lists all exported symbols
VERIFICATION
------------
$ file build/rumpk.elf
ELF 64-bit LSB executable, ARM aarch64, statically linked
$ qemu-system-aarch64 -M virt -kernel build/rumpk.elf
[Rumpk L0] Zig HAL Initialized
[Rumpk L1] Nim Kernel Alive!
[Rumpk L1] The Rubicon is crossed.
[Rumpk L1] Zig + Nim = Sovereign Metal.
This proves:
- POSIX is optional
- GCC is optional
- glibc/musl is optional
- We are the standard library now
Markus Maiwald