Singularity 6.9.7

Hotfix: Demand Paging TOCTOU & Scope Resolution 🛠️

This hotfix addresses a compilation failure and a critical race condition introduced during the Demand Paging implementation.

• Build Resolution: Relocated handleDemandFault from paging_vmm.cpp to paging_core.cpp. This resolves the undeclared identifier build errors by ensuring the handler has proper access to file-scoped static variables (paging_lock and p2v).
• Security (TOCTOU & Info Leak): Refactored the Demand Paging fault handler to eliminate a Time-of-Check to Time-of-Use (TOCTOU) vulnerability. Physical frames are now zeroed before acquiring the paging lock and mapping the PTE. This prevents a race condition where another core could read uninitialized physical RAM (garbage data) before the memset completed, successfully closing a critical information leak vector.

Full Changelog: v6.9.6...v6.9.7

Singularity 6.9.5

Singularity OS v6.9.5 - Architectural Purity & Per-Task Security 🛡️

This release marks a definitive milestone in Singularity’s evolution toward a multi-architecture, enterprise-grade microkernel. Version 6.9.5 introduces a strict Hardware Abstraction Layer (HAL), implements per-task security primitives, and overhauls the system diagnostic suite for real-time integrity verification.

🏗️ Architectural Decoupling & HAL Evolution

• Architecture-Specific Isolation: Executed a massive migration of x86_64 specific components (ACPI, APIC, Timers, and Legacy Drivers) into the archs/cpu/x86_64 tree. This decoupling ensures the core kernel remains platform-agnostic, paving the way for upcoming ARM64 and RISC-V support.
• HAL Umbrella Integration: Established cpu_hal.h as the single, authoritative interface for hardware interaction. All kernel subsystems now communicate with the silicon through this abstraction layer, eliminating "spaghetti dependencies" and hardcoded port accesses.
• Linkage & Visibility Fixes: Resolved complex circular dependencies and "different language linkage" errors. Standardized extern "C" blocks across the FFI boundary, ensuring seamless interoperability between the C core, C++ drivers, and Rust safety modules.

🛡️ Hardened Security & Per-Task Isolation

• Per-Task Stack Canaries: Transitioned from a global stack guard to a Per-Thread Canary model. Every task now generates a unique, cryptographically secure canary upon creation. This prevents a single memory leak from compromising the entire kernel's stack protection.
• Kernel Stack ASLR (Randomized Padding): Implemented randomized stack offsets for every new kernel thread. By injecting 16-byte aligned random padding (up to 512 bytes) at the top of the stack, Singularity now effectively neutralizes Return-Oriented Programming (ROP) chains.
• Syscall Integer Overflow Shield: Fortified the is_valid_user_ptr logic with strict overflow checks. The validation math now prevents "wrap-around" exploits where a malicious Ring 3 application could bypass memory boundaries by providing extreme size values.

⚡ SMP Stability & Scheduler Refinement

• Infinite Recursion Resolution: Fixed a critical logic flaw in hal_cpu_get_id that caused a silent stack overflow during multi-core initialization. The function now performs a direct hardware APIC ID read, bypassing the recursive call chain.
• Microdelay Precision Fix: Corrected the microdelay timing logic used during AP (Application Processor) wakeup. By transitioning from system ticks (4ms) to raw hardware TSC cycles, the boot sequence achieved microsecond-level precision, eliminating boot-time hangs.
• Dynamic Priority Boosting & Aging: Enhanced the SCS (Scalable Core Scheduler). Interactive tasks (e.g., Shell, Input) now receive an immediate priority boost, while CPU-bound "hogs" are dynamically penalized, ensuring a highly responsive user experience even under heavy load.

📊 Enterprise Diagnostics & UI/UX

• SystemCheck 2.0 (Deep Scan): Overhauled the systemcheck command into a high-intensity diagnostic suite. It now performs 45+ concurrent checks across two distinct categories: Hardware Layer and Software & Kernel Layer, featuring a dynamic [CHECKING] status with real-time row updates.
• Hierarchical Disk Tree View: Replaced the separate disks and parts commands with a unified, lsblk-style tree view. The new output utilizes universal ASCII characters for maximum terminal compatibility and provides detailed capacity/usage metrics.
• Fixed-Point Precision Math: Implemented fixed-point arithmetic for storage reporting. Singularity now displays partition-to-disk ratios and free space with 0.1% precision (e.g., 12.5% instead of 12%), eliminating integer truncation errors.

🐛 Critical Bug Fixes & Refinements

• IO-APIC Edge-Triggering Guard: Implemented a strict "Drain Loop" in the PS/2 controller initialization. This ensures the IRQ line is pulled LOW before the IO-APIC routes the vector, preventing the "Cold Boot Input Freeze" common in virtualized environments.
• FPU/AVX Masking Safety: Fortified the FPU initialization sequence with defensive CPUID leaf checks, preventing #UD (Invalid Opcode) exceptions on hardware that incorrectly reports extended state capabilities.
• Legacy Port I/O Synchronization: Introduced io_wait_legacy() to ensure proper bus timing during the programming of legacy PC-AT components (PIC/PIT), increasing stability on older silicon.

🧹 Code Hygiene & Standards

• C23/C++23 Compliance: Standardized the codebase to the latest language specifications.
• Defensive Programming Enforcement: Applied a strict "No-Dangling-If" policy; every conditional block and switch statement now includes mandatory else and default branches to handle undefined hardware states.
• Comment Purge: Removed all temporary, localized, and non-English comments, achieving a clean, professional source tree ready for upstream contribution.

Full Changelog: v6.9.4...v6.9.5

Singularity 6.9.6

Singularity OS v6.9.6 - The Microkernel Ascendancy & Zero-Latency I/O 🚀

This monumental release marks Singularity's definitive transition into a true, enterprise-grade microkernel architecture. Version 6.9.6 completely eradicates legacy I/O bottlenecks, introduces Zircon-style IPC multiplexing, and implements advanced Demand Paging, resulting in unprecedented memory efficiency and hardware-level determinism.

🧠 Advanced Memory Management (VMM & PMM)

• Demand Paging (Lazy Allocation): The Virtual Memory Manager (VMM) has been completely overhauled. Allocating memory (e.g., 1 GB) now takes 0 milliseconds and consumes 0 bytes of physical RAM. Physical frames are only allocated on-the-fly via #PF (Page Faults) when the memory is actually touched, drastically reducing the system's memory footprint.
• The Stack Trap Fix: Implemented strict allocation rules for Kernel and IST Stacks. Stacks bypass Demand Paging to prevent catastrophic Triple Faults during Application Processor (AP) wakeups.
• PMM Data Race Eradication: Eliminated a highly critical re-entrancy vulnerability in the Physical Memory Manager. The static mut CPU Magazines were replaced with an array of IrqSpinlocks, ensuring 100% thread safety even if an interrupt triggers a memory allocation while another is in progress.

🚀 Zero-Latency Hardware Interrupts

• MSI / MSI-X Integration: Singularity no longer relies on the legacy IO-APIC for high-speed storage and bus controllers. NVMe, AHCI, xHCI (USB), and Intel HDA drivers now utilize Message Signaled Interrupts (MSI/MSI-X), writing directly to the processor's Local APIC. This eliminates bus contention and reduces interrupt latency to the absolute hardware minimum.

⚡ Zircon-Style IPC & I/O Multiplexing

• KPort Architecture: Introduced the KPort object, bringing Zircon/Fuchsia-style I/O multiplexing to Singularity. Threads can now sleep on a single port and be instantly awakened by packets queued from multiple KChannels or KEvents, eliminating CPU-intensive polling.
• IPC Move Semantics: Fixed a security flaw in the Kernel Object Model (KOM). When a Handle (Capability) is written to a KChannel, it is now strictly moved (deleted from the sender's table) rather than copied, enforcing strict ownership transfer.
• Capability Truncation Fix: Resolved a "Fail-Open" vulnerability where 64-bit capability flags were truncated to 0, bypassing security checks.

🖥️ 60FPS Asynchronous Rendering

• Console Render Daemon: The synchronous auto_flush mechanism has been destroyed. Terminal output is now written instantly to a RAM backbuffer. A dedicated PRIO_REALTIME daemon wakes up 60 times a second (16ms) to batch-copy only the dirty tiles to the VRAM. This completely eliminates screen tearing and lag during heavy I/O operations (like the help or ls commands).

🛡️ Silicon-Level Debugging & Security

• Hardware Watchpoints (DRx): Integrated CPU Debug Registers (DR0-DR3, DR7) into the kernel. Developers can now set hardware-level watchpoints via the shell (watch <addr>) to catch memory corruption in real-time. Handled #DB exceptions with the Resume Flag (RF) to prevent infinite debug loops.
• FPU/SSE Context Saving in ISR: Fixed a legendary bug where optimized memset calls inside the Page Fault handler corrupted the XMM registers of the interrupted task. The ISR now safely saves and restores the entire FPU/SSE context (fxsave/fxrstor).
• W^X AP Enforcement: Ensured that the CR0.WP (Write Protect) bit is strictly enforced for all Application Processors (APs), closing a vulnerability that allowed read-only memory modification.

🐛 Code Hygiene & Legacy Cleanup

• FAT32 Buffer Overwrite Fix: Fixed a bug in kom_probe_free_space where reading the fs_info sector overwrote BPB variables, causing FAT32 free space to report as "0 B".
• Clang-Tidy "Zero-Warning": Resolved critical Out-of-Bounds reads in cpuid.c and dead stores in isr.c. Suppressed false positives for a perfectly clean static analysis report.
• Rust 2024 Compliance: Upgraded all FFI boundaries to unsafe extern "C" and introduced the DeviceHandle wrapper to eliminate forced Send/Sync implementations, achieving "Fearless Concurrency".
• Speaker Eradication: The legacy PC Speaker driver (speaker.cpp) has been permanently removed from the codebase to maintain modern architectural purity.

Full Changelog: v6.9.5...v6.9.6

Singularity 6.9.4

Singularity OS v6.9.4 - Deterministic Stability & Silicon-Level Hardening 🛡️

This release represents a massive architectural cleanup and logic fortification. Version 6.9.4 resolves deep-seated synchronization bugs, eliminates memory leaks in core subsystems, and transitions critical firmware parsing to memory-safe Rust, achieving a new level of system determinism.

⚡ Advanced Synchronization & Multi-Core Logic

• RWLock "Double-Decrement" Fix: Resolved a critical logic flaw in the Readers-Writer Lock. The write_waiters counter is now atomically synchronized with the wait_queue_pop_safe result, preventing an integer underflow that previously led to permanent scheduler hangs under heavy thread contention.
• Double-Checked Slab Expansion: Fortified SlabCache::alloc with a double-check pattern. This prevents redundant physical memory allocations when multiple cores simultaneously attempt to expand the same slab cache, eliminating high-pressure memory waste.
• SCS Work-Stealing Livelock Shield: Refined the Scalable Core Scheduler. The work-stealing algorithm now performs an atomic check for "stealable" tasks (Count > 1) before attempting a lock, preventing cores from hindering each other's progress in high-affinity scenarios.

🛡️ Hardened Security & Memory Protection

• Hardware-Level Syscall Validation: Upgraded is_valid_user_ptr with a manual Hardware Page Table Walk. Every user-provided pointer is now verified against the actual page table entries (PTEs) for presence and permission bits before dereferencing, neutralizing advanced kernel-space DoS vectors.
• TSC-Augmented Canary Entropy: Enhanced the Stack Protector’s security. The canary seed generation now XORs raw hardware Time Stamp Counter (TSC) cycles, ensuring unique and unpredictable entropy even in virtualized environments where RDRAND/RDSEED might be unavailable or compromised.
• Firmware W^X Enforcement: Standardized the mapping of all BIOS/UEFI tables (RSDP, XSDT, DSDT) as strictly Read-Only and NX (No-Execute), creating a silicon-level barrier against firmware tampering.

🧱 Rust Core & HAL Overhaul

• Rust AML Parser Migration: Successfully migrated the DSDT AML (ACPI Machine Language) parser to Rust. Singularity now utilizes memory-safe &[u8] slices to parse _S5_ and _S3_ sleep packages, eliminating the risk of buffer overflows from untrusted or malformed firmware data.
• True NUMA Node Localization: Fixed the "NUMA Illusion" in the PMM. The alloc_contiguous_internal function now strictly filters physical extents based on the requesting CPU's NUMA node boundaries (start_frame to end_frame), achieving genuine memory-to-CPU proximity.
• HAL CRC32 Software Fallback: Encapsulated hal_crc32_u64. The system now detects SSE4.2 support at runtime; on legacy hardware, it transparently falls back to a software Castagnoli CRC32 implementation, preventing #UD (Invalid Opcode) crashes.

🐛 Critical Bug Fixes & Logic Refinement

• FAT-Walking Fallback: Implemented a hardware-level FAT table scanner in kom_probe_free_space. If the FSINFO sector is stale or uninitialized, the kernel manually counts free clusters, ensuring 100% accurate storage reporting for FAT32 volumes.
• Shell Path & Leak Fixes:
  • Fixed a critical crash in resolveAbsolutePath where calling cd .. at the drive root (C:\) would corrupt the path string.
  • Resolved a memory leak in executeScript where the script buffer was not freed during I/O or parsing failures.
• Alignment Constraint Preservation: Fixed a bug in vmm_alloc_aligned where Huge Page defaults would override larger user-requested alignments (e.g., 1024-page for specific DMA buffers), ensuring strict hardware alignment compliance.
• UEFI CRC32 Buffer Overflow Fix: Migrated the UEFI table verifier from a 128-byte static stack buffer to dynamic heap allocation, allowing the safe validation of large EFI system tables found on modern hardware.

🧹 UI/UX & Quality Assurance

• Enhanced Storage Reporting: The parts command now displays real-time free space percentages and features a dedicated section for Optical Media & Read-Only Volumes, preventing logical confusion with partitioned physical disks.
• Clang-Tidy "Zero-Warning" Audit: Resolved over 800 static analysis findings. This includes fixing strncpy null-termination risks, uninitialized va_list usage in serial_printf and sysinfo, and placement-new alignment mismatches.
• Legacy Macro Purge: Completely removed 0xB8000-era VGA_ macros. Transitioned to a unified, type-safe console_color_t Enum across the C++/Rust FFI boundary.
• LTO-Safe Diagnostics: Updated SystemCheck to use assembly-exported symbols (syscall_entry) for resolution tests, ensuring diagnostic reliability under aggressive ThinLTO.

Full Changelog: v6.9.3...v6.9.4

Singularity 6.9.3

Singularity OS v6.9.3 - Architectural Integrity & Logic Refinement 🛠️

This release focuses on resolving deep-seated synchronization logic bugs, hardening memory security through hardware-level validation, and establishing a deterministic architectural flow.

⚡ Memory & Performance Engineering

• Double-Checked Slab Locking: Resolved an SMP race condition in SlabCache::alloc. Redundant page allocations are now prevented by re-verifying list states after re-acquiring locks.
• True NUMA Node Enforcement: Eliminated the "NUMA Illusion" in the PMM. Contiguous allocations now strictly respect physical node boundaries (start_frame/end_frame), ensuring true memory-to-CPU proximity.
• Alignment Constraint Fix: Corrected a bug in vmm_alloc_aligned where Huge Page defaults (512) would override larger user-requested alignments, ensuring buffer consistency for high-end DMA.
• Exponential Spinlock Backoff: Implemented a dynamic backoff mechanism for Ticket Spinlocks to reduce L1 cache contention and memory bus pressure on many-core systems.

🛡️ Security & Hardening

• Hardware Page Walk (Syscall Guard): Hardened the Ring 3 ↔ Ring 0 boundary. The is_valid_user_ptr logic now performs a manual page table walk and permission check before dereferencing, neutralizing kernel-space pointer exploits.
• TSC-Augmented Stack Canary: Strengthened the Stack Protector's entropy by XORing raw hardware TSC cycles into the canary seed, providing robust protection in environments lacking RDRAND.
• Firmware Read-Only Lockdown: Standardized ACPI and UEFI table mapping to use PAGE_NX and Read-Only flags, preventing any unintended kernel-level writes to system firmware space.
• HAL SSE4.2 Software Fallback: Moved hal_crc32_u64 to a safe wrapper. If the CPU lacks SSE4.2, the kernel now transparently falls back to a software implementation instead of triggering an invalid opcode exception.

🧱 UEFI & Storage Logic

• UEFI Config Table Scanner: Implemented a native EFI Configuration Table parser to locate SMBIOS structures directly from the System Table when Multiboot2 tags are missing.
• Dynamic UEFI CRC32 Verifier: Fixed a potential stack overflow/corruption by migrating the UEFI table verifier from a 128-byte static buffer to dynamic heap allocation.
• FAT32/Optical Media Reporting:
  • Fixed a bug where FAT32 free space was reported as "0 B" instead of "Unknown" when FSINFO was stale.
  • Corrected the parts command to properly identify non-partitioned optical media (ISO9660/UDF).

🧹 Refactoring & Code Quality

• Unified Console Color Engine: Purged all legacy 0xB8000-era VGA_ macros. Transitioned to a centralized, type-safe console_color_t Enum across the C++/Rust FFI boundary.
• Defensive Flow Enforcement: Applied the "Strict Else" rule across all modified kernel paths, ensuring deterministic fallbacks and eliminating silent failures.
• Async Log Race Resolution: Removed redundant PCIe "Note" logs in Rust to prevent string interleaving/corruption with synchronous kernel output during boot.
• LTO-Safe Diagnostics: Switched SystemCheck to use assembly-exported symbols (syscall_entry) for resolution tests to bypass aggressive ThinLTO inlining.

Full Changelog: v6.9.2...v6.9.3

Singularity 6.9.2

Singularity OS v6.9.2 - Performance & Security Update 🚀

This release brings enterprise-grade stability, major speed improvements (boot time reduced to ~398ms), and critical security hardening for upcoming Ring 3 (User Mode) integration.

⚡ Performance & Optimizations

• Async Hardware Init: PCIe devices are forced to D0 state during enumeration. NVMe initialization is now asynchronous, eliminating spin-up wait times.
• O(1) Console Scrolling: Removed heavy VRAM memmove operations. The console now uses a zero-overhead circular history buffer.
• Lock-Free Scheduler: Replaced O(N) lock contention in work-stealing with atomic queue-size checks.
• VMM & Cache: Added 64-bit fast-path memory allocation, 2MB Huge Page support, and fast FNV-1a hashing for the disk cache.

🛡️ Security Hardening

• Syscall Stack Isolation: Added dedicated, guard-paged syscall stacks per CPU to prevent stack exhaustion attacks.
• SMAP/SMEP Guards: Implemented hardware-level stac/clac instructions for safe user-memory access.
• Process Tainting: Hardware exceptions (FPU/Page Faults) in drivers now gracefully isolate and terminate the faulting task instead of causing a system-wide Kernel Panic.

🐛 Critical Bug Fixes

• PCIe W1C Corruption: Fixed Write-1-to-Clear register corruption by enforcing strict 8/16-bit FFI I/O instead of 32-bit Read-Modify-Write.
• Scheduler Deadlocks: Resolved task_sleep hangs by migrating from BSP-only ticks to independent hardware TSC microsecond polling.
• Lost Wakeups: Fixed race conditions in mutex, rwlock, and semaphore by introducing cli/sti hardware guards during state transitions.
• Storage & Logs: Fixed FAT32 cluster underflow vulnerabilities and FFI logger snapshot drops.
• Misc: Corrected boot section timing measurements and fixed backup_creator.py read-only permission errors ([WinError 5]) on Windows.

Full Changelog: Singularity_Releases...v6.9.2

Singularity 6.9.1

This is the first public version of “Singularity”