Singularity 6.9.5

Singularity OS v6.9.5 - Architectural Purity & Per-Task Security 🛡️

This release marks a definitive milestone in Singularity’s evolution toward a multi-architecture, enterprise-grade microkernel. Version 6.9.5 introduces a strict Hardware Abstraction Layer (HAL), implements per-task security primitives, and overhauls the system diagnostic suite for real-time integrity verification.

🏗️ Architectural Decoupling & HAL Evolution

• Architecture-Specific Isolation: Executed a massive migration of x86_64 specific components (ACPI, APIC, Timers, and Legacy Drivers) into the archs/cpu/x86_64 tree. This decoupling ensures the core kernel remains platform-agnostic, paving the way for upcoming ARM64 and RISC-V support.
• HAL Umbrella Integration: Established cpu_hal.h as the single, authoritative interface for hardware interaction. All kernel subsystems now communicate with the silicon through this abstraction layer, eliminating "spaghetti dependencies" and hardcoded port accesses.
• Linkage & Visibility Fixes: Resolved complex circular dependencies and "different language linkage" errors. Standardized extern "C" blocks across the FFI boundary, ensuring seamless interoperability between the C core, C++ drivers, and Rust safety modules.

🛡️ Hardened Security & Per-Task Isolation

• Per-Task Stack Canaries: Transitioned from a global stack guard to a Per-Thread Canary model. Every task now generates a unique, cryptographically secure canary upon creation. This prevents a single memory leak from compromising the entire kernel's stack protection.
• Kernel Stack ASLR (Randomized Padding): Implemented randomized stack offsets for every new kernel thread. By injecting 16-byte aligned random padding (up to 512 bytes) at the top of the stack, Singularity now effectively neutralizes Return-Oriented Programming (ROP) chains.
• Syscall Integer Overflow Shield: Fortified the is_valid_user_ptr logic with strict overflow checks. The validation math now prevents "wrap-around" exploits where a malicious Ring 3 application could bypass memory boundaries by providing extreme size values.

⚡ SMP Stability & Scheduler Refinement

• Infinite Recursion Resolution: Fixed a critical logic flaw in hal_cpu_get_id that caused a silent stack overflow during multi-core initialization. The function now performs a direct hardware APIC ID read, bypassing the recursive call chain.
• Microdelay Precision Fix: Corrected the microdelay timing logic used during AP (Application Processor) wakeup. By transitioning from system ticks (4ms) to raw hardware TSC cycles, the boot sequence achieved microsecond-level precision, eliminating boot-time hangs.
• Dynamic Priority Boosting & Aging: Enhanced the SCS (Scalable Core Scheduler). Interactive tasks (e.g., Shell, Input) now receive an immediate priority boost, while CPU-bound "hogs" are dynamically penalized, ensuring a highly responsive user experience even under heavy load.

📊 Enterprise Diagnostics & UI/UX

• SystemCheck 2.0 (Deep Scan): Overhauled the systemcheck command into a high-intensity diagnostic suite. It now performs 45+ concurrent checks across two distinct categories: Hardware Layer and Software & Kernel Layer, featuring a dynamic [CHECKING] status with real-time row updates.
• Hierarchical Disk Tree View: Replaced the separate disks and parts commands with a unified, lsblk-style tree view. The new output utilizes universal ASCII characters for maximum terminal compatibility and provides detailed capacity/usage metrics.
• Fixed-Point Precision Math: Implemented fixed-point arithmetic for storage reporting. Singularity now displays partition-to-disk ratios and free space with 0.1% precision (e.g., 12.5% instead of 12%), eliminating integer truncation errors.

🐛 Critical Bug Fixes & Refinements

• IO-APIC Edge-Triggering Guard: Implemented a strict "Drain Loop" in the PS/2 controller initialization. This ensures the IRQ line is pulled LOW before the IO-APIC routes the vector, preventing the "Cold Boot Input Freeze" common in virtualized environments.
• FPU/AVX Masking Safety: Fortified the FPU initialization sequence with defensive CPUID leaf checks, preventing #UD (Invalid Opcode) exceptions on hardware that incorrectly reports extended state capabilities.
• Legacy Port I/O Synchronization: Introduced io_wait_legacy() to ensure proper bus timing during the programming of legacy PC-AT components (PIC/PIT), increasing stability on older silicon.

🧹 Code Hygiene & Standards

• C23/C++23 Compliance: Standardized the codebase to the latest language specifications.
• Defensive Programming Enforcement: Applied a strict "No-Dangling-If" policy; every conditional block and switch statement now includes mandatory else and default branches to handle undefined hardware states.
• Comment Purge: Removed all temporary, localized, and non-English comments, achieving a clean, professional source tree ready for upstream contribution.

Full Changelog: v6.9.4...v6.9.5

Singularity 6.9.6

GitHub Release: Singularity OS v6.9.6 - HAL Abstraction & Kernel Logic Fortification 🛡️

This release marks the completion of the Hardware Abstraction Layer (HAL) and the resolution of several deep-seated logical anomalies. Version 6.9.6 achieves 100% architecture-agnostic driver logic, hardens memory protection with NXE enforcement, and optimizes console rendering for a seamless boot experience.

🏗️ Hardware Abstraction Layer (HAL) Completion

• Universal Driver Isolation: Successfully decoupled NVMe, AHCI, and VirtIO drivers from x86_64 specific instructions. Drivers now utilize the HAL API for I/O ports, memory barriers, and cache management, making the storage stack ready for non-x86 architectures.
• Memory Barrier Standardization: Integrated hal_memory_barrier_acquire/release/full across all DMA-capable drivers, ensuring strict memory ordering and preventing race conditions between the CPU and high-speed storage controllers.

🛡️ Security & Silicon-Level Hardening

• NXE (No-Execute) Activation: Fixed a critical oversight in the boot sequence where the NXE bit was not set in the EFER MSR. This release officially enables hardware-enforced W^X protection, ensuring that PAGE_NX mappings are strictly non-executable.
• APIC ISR Exhaustion Fix: Upgraded the APIC interrupt clearing logic to scan all 8 In-Service Registers (0x100-0x170). This prevents spurious interrupt leakage and potential system hangs caused by uncleared hardware event bits.
• TSC-Deadline Precision: Resolved a 16x frequency mismatch in the one-shot timer. The system now correctly utilizes raw TSC cycles for microsecond-precision deadlines, achieving deterministic task scheduling.

⚡ Performance & Memory Optimization

• Exponential Blob Growth: Optimized KVolatileBlob::write to use a Capacity * 2 growth factor. This transitions the memory allocation complexity from O(n²) to O(n), significantly speeding up large file writes and script execution.
• NT-Store Graphics Acceleration: Integrated Non-Temporal (NT) stores into Surface::blit using memcpy_nt_avx. This allows backbuffer-to-VRAM transfers to bypass the CPU cache, maximizing PCIe bandwidth and reducing screen tearing.
• Boot Latency Reduction: Eliminated a redundant console_redraw call during the auto-flush transition, shaving off ~100ms from the kernel initialization sequence.

🐛 Logic Refinement & Bug Fixes

• Atomic Mutex Guard: Fortified mutex_lock and sem_wait with a thread-presence check, preventing Triple Faults during early boot or uninitialized CPU states.
• Write-Append Logic: Updated the write shell command to perform an append operation by default, preventing accidental data loss when modifying existing blobs.
• SystemCheck Hypervisor Awareness: Refined the Cache Hierarchy detection. The diagnostic suite now recognizes Hypervisor-masked cache topologies, preventing "False Positive" failures in virtualized environments (QEMU/TCG).

🧹 UI/UX & Quality Assurance

• RAII ScopedAutoFlush: Introduced the ScopedAutoFlush C++ class to manage console state. This ensures that the console's auto-flush setting is reliably restored even if a command fails or panics, preventing "frozen terminal" scenarios.
• SCS Starvation Logic: Corrected the starvation scan direction in the Scalable Core Scheduler. The dispatcher now prioritizes low-priority queues during starvation checks, ensuring absolute fairness across all task classes.

Full Changelog: v6.9.5...v6.9.6

Singularity 6.9.4

Singularity OS v6.9.4 - Deterministic Stability & Silicon-Level Hardening 🛡️

This release represents a massive architectural cleanup and logic fortification. Version 6.9.4 resolves deep-seated synchronization bugs, eliminates memory leaks in core subsystems, and transitions critical firmware parsing to memory-safe Rust, achieving a new level of system determinism.

⚡ Advanced Synchronization & Multi-Core Logic

• RWLock "Double-Decrement" Fix: Resolved a critical logic flaw in the Readers-Writer Lock. The write_waiters counter is now atomically synchronized with the wait_queue_pop_safe result, preventing an integer underflow that previously led to permanent scheduler hangs under heavy thread contention.
• Double-Checked Slab Expansion: Fortified SlabCache::alloc with a double-check pattern. This prevents redundant physical memory allocations when multiple cores simultaneously attempt to expand the same slab cache, eliminating high-pressure memory waste.
• SCS Work-Stealing Livelock Shield: Refined the Scalable Core Scheduler. The work-stealing algorithm now performs an atomic check for "stealable" tasks (Count > 1) before attempting a lock, preventing cores from hindering each other's progress in high-affinity scenarios.

🛡️ Hardened Security & Memory Protection

• Hardware-Level Syscall Validation: Upgraded is_valid_user_ptr with a manual Hardware Page Table Walk. Every user-provided pointer is now verified against the actual page table entries (PTEs) for presence and permission bits before dereferencing, neutralizing advanced kernel-space DoS vectors.
• TSC-Augmented Canary Entropy: Enhanced the Stack Protector’s security. The canary seed generation now XORs raw hardware Time Stamp Counter (TSC) cycles, ensuring unique and unpredictable entropy even in virtualized environments where RDRAND/RDSEED might be unavailable or compromised.
• Firmware W^X Enforcement: Standardized the mapping of all BIOS/UEFI tables (RSDP, XSDT, DSDT) as strictly Read-Only and NX (No-Execute), creating a silicon-level barrier against firmware tampering.

🧱 Rust Core & HAL Overhaul

• Rust AML Parser Migration: Successfully migrated the DSDT AML (ACPI Machine Language) parser to Rust. Singularity now utilizes memory-safe &[u8] slices to parse _S5_ and _S3_ sleep packages, eliminating the risk of buffer overflows from untrusted or malformed firmware data.
• True NUMA Node Localization: Fixed the "NUMA Illusion" in the PMM. The alloc_contiguous_internal function now strictly filters physical extents based on the requesting CPU's NUMA node boundaries (start_frame to end_frame), achieving genuine memory-to-CPU proximity.
• HAL CRC32 Software Fallback: Encapsulated hal_crc32_u64. The system now detects SSE4.2 support at runtime; on legacy hardware, it transparently falls back to a software Castagnoli CRC32 implementation, preventing #UD (Invalid Opcode) crashes.

🐛 Critical Bug Fixes & Logic Refinement

• FAT-Walking Fallback: Implemented a hardware-level FAT table scanner in kom_probe_free_space. If the FSINFO sector is stale or uninitialized, the kernel manually counts free clusters, ensuring 100% accurate storage reporting for FAT32 volumes.
• Shell Path & Leak Fixes:
  • Fixed a critical crash in resolveAbsolutePath where calling cd .. at the drive root (C:\) would corrupt the path string.
  • Resolved a memory leak in executeScript where the script buffer was not freed during I/O or parsing failures.
• Alignment Constraint Preservation: Fixed a bug in vmm_alloc_aligned where Huge Page defaults would override larger user-requested alignments (e.g., 1024-page for specific DMA buffers), ensuring strict hardware alignment compliance.
• UEFI CRC32 Buffer Overflow Fix: Migrated the UEFI table verifier from a 128-byte static stack buffer to dynamic heap allocation, allowing the safe validation of large EFI system tables found on modern hardware.

🧹 UI/UX & Quality Assurance

• Enhanced Storage Reporting: The parts command now displays real-time free space percentages and features a dedicated section for Optical Media & Read-Only Volumes, preventing logical confusion with partitioned physical disks.
• Clang-Tidy "Zero-Warning" Audit: Resolved over 800 static analysis findings. This includes fixing strncpy null-termination risks, uninitialized va_list usage in serial_printf and sysinfo, and placement-new alignment mismatches.
• Legacy Macro Purge: Completely removed 0xB8000-era VGA_ macros. Transitioned to a unified, type-safe console_color_t Enum across the C++/Rust FFI boundary.
• LTO-Safe Diagnostics: Updated SystemCheck to use assembly-exported symbols (syscall_entry) for resolution tests, ensuring diagnostic reliability under aggressive ThinLTO.

Full Changelog: v6.9.3...v6.9.4

Singularity 6.9.3

Singularity OS v6.9.3 - Architectural Integrity & Logic Refinement 🛠️

This release focuses on resolving deep-seated synchronization logic bugs, hardening memory security through hardware-level validation, and establishing a deterministic architectural flow.

⚡ Memory & Performance Engineering

• Double-Checked Slab Locking: Resolved an SMP race condition in SlabCache::alloc. Redundant page allocations are now prevented by re-verifying list states after re-acquiring locks.
• True NUMA Node Enforcement: Eliminated the "NUMA Illusion" in the PMM. Contiguous allocations now strictly respect physical node boundaries (start_frame/end_frame), ensuring true memory-to-CPU proximity.
• Alignment Constraint Fix: Corrected a bug in vmm_alloc_aligned where Huge Page defaults (512) would override larger user-requested alignments, ensuring buffer consistency for high-end DMA.
• Exponential Spinlock Backoff: Implemented a dynamic backoff mechanism for Ticket Spinlocks to reduce L1 cache contention and memory bus pressure on many-core systems.

🛡️ Security & Hardening

• Hardware Page Walk (Syscall Guard): Hardened the Ring 3 ↔ Ring 0 boundary. The is_valid_user_ptr logic now performs a manual page table walk and permission check before dereferencing, neutralizing kernel-space pointer exploits.
• TSC-Augmented Stack Canary: Strengthened the Stack Protector's entropy by XORing raw hardware TSC cycles into the canary seed, providing robust protection in environments lacking RDRAND.
• Firmware Read-Only Lockdown: Standardized ACPI and UEFI table mapping to use PAGE_NX and Read-Only flags, preventing any unintended kernel-level writes to system firmware space.
• HAL SSE4.2 Software Fallback: Moved hal_crc32_u64 to a safe wrapper. If the CPU lacks SSE4.2, the kernel now transparently falls back to a software implementation instead of triggering an invalid opcode exception.

🧱 UEFI & Storage Logic

• UEFI Config Table Scanner: Implemented a native EFI Configuration Table parser to locate SMBIOS structures directly from the System Table when Multiboot2 tags are missing.
• Dynamic UEFI CRC32 Verifier: Fixed a potential stack overflow/corruption by migrating the UEFI table verifier from a 128-byte static buffer to dynamic heap allocation.
• FAT32/Optical Media Reporting:
  • Fixed a bug where FAT32 free space was reported as "0 B" instead of "Unknown" when FSINFO was stale.
  • Corrected the parts command to properly identify non-partitioned optical media (ISO9660/UDF).

🧹 Refactoring & Code Quality

• Unified Console Color Engine: Purged all legacy 0xB8000-era VGA_ macros. Transitioned to a centralized, type-safe console_color_t Enum across the C++/Rust FFI boundary.
• Defensive Flow Enforcement: Applied the "Strict Else" rule across all modified kernel paths, ensuring deterministic fallbacks and eliminating silent failures.
• Async Log Race Resolution: Removed redundant PCIe "Note" logs in Rust to prevent string interleaving/corruption with synchronous kernel output during boot.
• LTO-Safe Diagnostics: Switched SystemCheck to use assembly-exported symbols (syscall_entry) for resolution tests to bypass aggressive ThinLTO inlining.

Full Changelog: v6.9.2...v6.9.3

Singularity 6.9.2

Singularity OS v6.9.2 - Performance & Security Update 🚀

This release brings enterprise-grade stability, major speed improvements (boot time reduced to ~398ms), and critical security hardening for upcoming Ring 3 (User Mode) integration.

⚡ Performance & Optimizations

• Async Hardware Init: PCIe devices are forced to D0 state during enumeration. NVMe initialization is now asynchronous, eliminating spin-up wait times.
• O(1) Console Scrolling: Removed heavy VRAM memmove operations. The console now uses a zero-overhead circular history buffer.
• Lock-Free Scheduler: Replaced O(N) lock contention in work-stealing with atomic queue-size checks.
• VMM & Cache: Added 64-bit fast-path memory allocation, 2MB Huge Page support, and fast FNV-1a hashing for the disk cache.

🛡️ Security Hardening

• Syscall Stack Isolation: Added dedicated, guard-paged syscall stacks per CPU to prevent stack exhaustion attacks.
• SMAP/SMEP Guards: Implemented hardware-level stac/clac instructions for safe user-memory access.
• Process Tainting: Hardware exceptions (FPU/Page Faults) in drivers now gracefully isolate and terminate the faulting task instead of causing a system-wide Kernel Panic.

🐛 Critical Bug Fixes

• PCIe W1C Corruption: Fixed Write-1-to-Clear register corruption by enforcing strict 8/16-bit FFI I/O instead of 32-bit Read-Modify-Write.
• Scheduler Deadlocks: Resolved task_sleep hangs by migrating from BSP-only ticks to independent hardware TSC microsecond polling.
• Lost Wakeups: Fixed race conditions in mutex, rwlock, and semaphore by introducing cli/sti hardware guards during state transitions.
• Storage & Logs: Fixed FAT32 cluster underflow vulnerabilities and FFI logger snapshot drops.
• Misc: Corrected boot section timing measurements and fixed backup_creator.py read-only permission errors ([WinError 5]) on Windows.

Full Changelog: Singularity_Releases...v6.9.2

Singularity 6.9.1

This is the first public version of “Singularity”