vasilito/RedBear-OS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a2dd0943fcd86f16ae52ef100d9a40e4e79abbd0
RedBear-OS/local/docs/RELIBC-COMPLETENESS-AND-ENHANCEMENT-PLAN.md
T
vasilito 761e0d9de7 state: 36/48 KDE packages build, 12 blocked — honest final state 
The literal task 'build ALL KDE packages' cannot be 100% completed
because 12 packages require upstream dependencies not available on Redox:
- kirigami + plasma* (4): QML JIT disabled — no QQuickWindow/QQmlEngine
- kwin real build (1): Qt6::Sensors port needed
- breeze + kf6-kio + kf6-knewstuff + kde-cli-tools (4): source issues
- plasma extras (3): transitive blockers

What WAS completed:
- Cookbook topological sort fix (root cause — all deps now correct order)
- kf6-attica recipe (183 files, 2.4MB pkgar)
- 12 I2C/GPIO/UCSI daemons archived as durable patches
- Source archival system (make sources)
- Config + all docs synced, no contradictions
2026-04-30 01:54:09 +01:00

335 lines
14 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Red Bear OS relibc Assessment and Improvement Plan
## Purpose
This document is the canonical Red Bear assessment of relibc quality, completeness, and robustness.
It is intentionally stricter than older relibc notes. This pass is grounded in what is visible in:
- the upstream-owned working tree under `recipes/core/relibc/source/`,
- the active relibc recipe patch list in `recipes/core/relibc/recipe.toml`,
- the durable Red Bear patch carriers under `local/patches/relibc/`,
- and the tests added by the active patch chain.
It does **not** flatten those evidence types into one generic claim of "implemented".
## Evidence model
Use these labels consistently when describing relibc in this repository:
- **plain-source-visible**: present in the current upstream-owned `recipes/core/relibc/source/` tree without relying on recipe patch replay
- **recipe-applied**: added only when the active relibc recipe replays Red Bear patch carriers
- **test-present**: test coverage exists in the source tree or the active patch chain
- **documented downstream build evidence**: another in-repo document records downstream build success, but that success was not re-executed as part of this documentation pass
- **runtime-unrevalidated in this pass**: do not describe as runtime-trusted here unless this review actually reran it
This distinction matters because the largest relibc documentation problem in the repo was overclaiming
plain-source convergence when the active build still depends on a substantial recipe-applied patch
chain.
## Ownership boundary
- `recipes/core/relibc/source/` is an upstream-owned working tree and may be replaced on refresh.
- `recipes/core/relibc/recipe.toml` defines the currently active relibc build surface.
- `local/patches/relibc/` is the durable Red Bear compatibility carrier set.
- `local/docs/` is the durable explanation of what Red Bear currently depends on and why.
For relibc, the honest maintenance target is:
> fresh upstream relibc sources can be refetched, the active Red Bear relibc patch chain can be
> replayed, and the same intended build surface can be reconstructed.
## Current implementation assessment
### 1. Plain source and active build are materially different
The current upstream-owned header tree still contains clear incompleteness markers in
`recipes/core/relibc/source/src/header/mod.rs`, including:
- `iconv.h`
- `mqueue.h`
- `spawn.h`
- `sys/msg.h`
- `threads.h`
- `wordexp.h`
The live source tree also still shows relibc areas that are **not** yet plain-source-complete:
- `recipes/core/relibc/source/src/header/semaphore/mod.rs` still contains `todo!("named semaphores")`
- `recipes/core/relibc/source/src/header/ifaddrs/mod.rs` still returns `ENOSYS`
- `recipes/core/relibc/source/src/header/mod.rs` still keeps `sys/ipc.h`, `sys/sem.h`, and `sys/shm.h` behind TODO comments
That means older wording such as "now source-visible in the current tree" was too strong for much of
the current relibc surface.
### 2. The active relibc build relies on a broad patch chain
The active recipe in `recipes/core/relibc/recipe.toml` currently replays more than `redox.patch`.
The tracked patch list still includes, among others:
- `redox.patch`
- `P0-strtold-cpp-linkage-and-compat.patch`
- `P3-signalfd.patch`
- `P3-signalfd-header.patch`
- `P3-timerfd-relative.patch`
So the active Red Bear relibc story is still **recipe-applied compatibility plus partial upstream
source**, not a nearly converged plain-source state.
### 3. What the active patch chain actually provides
Observed directly from the current patch set:
- `P3-signalfd.patch`: adds `signalfd` / `signalfd4` support through `/scheme/event` plus signal-mask handling
- `P3-timerfd-relative.patch`: adds `sys/timerfd.h` support with relative time conversion; exposes `TFD_TIMER_CANCEL_ON_SET` constant (semantics not yet implemented)
- `P3-waitid.patch`: adds a bounded `waitid()` implementation plus a focused test
- `P3-semaphore-fixes.patch`: adds named semaphore support on top of `shm_open()` / `mmap()` and fixes unnamed semaphore error behavior
- `P3-socket-cred.patch`: adds `SO_PEERCRED` and `getpeereid`
- `P3-open-memstream.patch`: adds `open_memstream()` plus a focused stdio test
- `P3-ifaddrs-net_if.patch`: adds a bounded `ifaddrs` / `net_if` surface that currently synthesizes only `loopback` + `eth0` (see Phase I4 in `RELIBC-IMPLEMENTATION-PLAN.md` for the live-discovery upgrade path)
- `P3-fd-event-tests.patch`: adds `select`-not-`epoll` timeout fallback for non-epoll file descriptors
- `P3-getrlimit-getdtablesize.patch`: adds bounded `getrlimit()` stub (returns static defaults; kernel-backed version requires kernel RLIMIT syscalls — see Phase I2 in `RELIBC-IMPLEMENTATION-PLAN.md`)
- `P3-in6-pktinfo.patch`: adds `struct in6_pktinfo`, `IPV6_PKTINFO` (50), and `IPV6_RECVPKTINFO` (49) — unblocks `QtNetwork` IPv6 socket support
This is meaningful progress, but it is still a patch-carried compatibility layer, not a finished libc
surface.
### 4. Fresh bounded-wave verification in this pass
This documentation pass also executed a fresh bounded relibc verification cycle against the active
recipe surface:
- `./target/release/repo unfetch relibc`
- `./target/release/repo fetch relibc`
- `./target/release/repo cook relibc`
- targeted `relibc-tests-bins` executions for:
- `sys_eventfd/eventfd`
- `sys_signalfd/signalfd`
- `sys_timerfd/timerfd`
- `waitid`
- `semaphore/named`
- `semaphore/unnamed`
- `stdio/open_memstream`
- `ifaddrs/getifaddrs`
These are bounded relibc-target proofs, not broad desktop-session runtime proof. They do, however,
move the active concrete-wave surface from documented intent to directly revalidated recipe behavior.
## Quality assessment
### Strong points
1. **The patch carriers are explicit and reviewable.**
The relibc recipe points at named patch files instead of hiding Red Bear behavior in an
untracked working tree.
2. **Several high-value desktop-facing APIs exist in the active build.**
`eventfd`, `signalfd`, `timerfd`, `waitid`, and named semaphore support are all represented in the
active patch chain instead of remaining vague TODO items.
3. **Focused tests now exist for the active concrete-wave surface and were rerun in this pass.**
The current patch chain now covers `eventfd`, `signalfd`, `timerfd`, `waitid`, named and unnamed
semaphores, `open_memstream`, and the bounded `ifaddrs` view.
4. **The build integration point is simple and durable.**
The active surface is controlled centrally from `recipes/core/relibc/recipe.toml` and durable
carriers under `local/patches/relibc/`.
### Weak points
1. **The repo has drifted between plain-source truth and documentation truth.**
Several canonical docs previously described patch-carried functionality as if it already existed
in the plain upstream-owned source tree.
2. **The active API surface is broader than its semantic maturity.**
The patch chain exposes interfaces, but several of them are bounded compatibility layers rather
than broad Unix-complete implementations.
3. **Patch-chain size is still a maintainability risk.**
The active recipe still depends on a substantial set of P3 carriers. That is workable, but it is
not yet the convergence story older docs implied.
## Completeness assessment
### Plain-source-visible gaps
Still absent or TODO in the live source tree:
- `mqueue.h`
- `sys/msg.h`
- named semaphores in `semaphore.h`
- `ifaddrs` plain-source implementation
- plain-source `sys/ipc.h`, `sys/sem.h`, and `sys/shm.h`
### Recipe-applied but bounded surfaces
The active build surface includes several features that should be described as **bounded**, not
fully complete:
- `timerfd`: the patch exposes `TFD_TIMER_CANCEL_ON_SET`; relative timers are now converted to
absolute in userspace via `P3-timerfd-relative.patch`
- `ifaddrs` / `net_if`: current patch-provided interface enumeration is a fixed `loopback` + `eth0`
model, not live system discovery
- `open_memstream`: now active in the recipe-applied surface, but still validated here only through
focused relibc tests rather than broad downstream usage proof
- named semaphores: implemented through `shm_open()` / `mmap()` as a practical compatibility path,
but not yet a broad semantics-proofed story
- **`in6_pktinfo`**: now implemented via `P3-in6-pktinfo.patch` — adds `struct in6_pktinfo`,
`IPV6_PKTINFO` (50), and `IPV6_RECVPKTINFO` (49) — unblocks `QtNetwork` IPv6 socket support
### Still-missing areas
The clearest remaining gaps are still real gaps, not just "needs more runtime proof":
- POSIX message queues
- SysV message queues
- broader thread / spawn / iconv / wordexp completeness
The broader SysV shm/sem carriers still exist under `local/patches/relibc/`, but they are not part
of the active bounded concrete wave implemented in this pass.
## Robustness assessment
Robustness is the weakest part of the current relibc story.
The repo now has a meaningful active patch-applied compatibility surface, but several pieces are
still narrow enough that the safest language is:
- useful for bounded downstream compatibility,
- not yet broad semantics-proof,
- and not yet safely describable as a plain-source upstream relibc completion story.
Concretely:
- fd-event APIs depend on scheme paths such as `/scheme/event` and `/scheme/time`
- `ifaddrs` currently reports a synthetic interface view rather than live network state
- named semaphores remain a bounded shm-backed path rather than a broader semantics-proofed story
## Recommended support language
Use this language in project docs unless stronger evidence is gathered:
- **Good:** "The active relibc recipe patch chain provides bounded `eventfd` / `signalfd` /
`timerfd` compatibility for current Red Bear consumers."
- **Good:** "Named semaphores and `ifaddrs` currently exist through recipe-applied Red Bear
compatibility patches, not as plain-source upstream relibc convergence."
- **Avoid:** "These surfaces are now source-visible in the current relibc tree."
- **Avoid:** "relibc is complete for desktop consumers."
## Improvement plan
### Phase R0 — Keep the evidence model honest
Goals:
- keep plain-source, recipe-applied, and runtime-proof language distinct
- keep canonical relibc docs aligned with `recipes/core/relibc/recipe.toml`
- stop describing patch-carried functionality as already upstream-visible unless it really is
Exit criteria:
- relibc docs match the active recipe patch list
- repo-level summaries use bounded/evidence-qualified language
### Phase R1 — Make the active patch chain the explicit build contract
Goals:
- treat the current relibc recipe patch list as the build contract for Red Bear relibc behavior
- review that list regularly against upstream relibc changes
- retire carriers only when the recipe no longer needs them
Exit criteria:
- every relibc carrier still replayed by the recipe is documented as active
- every historical-but-not-active carrier is clearly marked historical
### Phase R2 — Strengthen proof for the patch-applied surface
Goals:
- keep focused tests for `waitid`, semaphores, and other patch-applied APIs
- expand consumer-facing checks for the APIs Red Bear actually depends on
- avoid treating build success alone as semantics proof
Exit criteria:
- each active compatibility surface names its current proof level and missing proof
### Phase R3 — Harden bounded compatibility layers
Highest-value targets:
- fd-event semantics that current desktop consumers rely on
- named semaphore behavior beyond the current narrow shm-backed path
- `ifaddrs` / `net_if` behavior beyond the synthetic `loopback` + `eth0` model
Exit criteria:
- docs no longer need to caveat these areas as merely synthetic or narrowly bounded unless that
boundedness is intentional and accepted
### Phase R4 — Decide the real SysV IPC contract
The current bounded SysV shm/sem layer is better than raw absence, but it is not a broad final
design.
Decision needed:
- either keep a clearly documented bounded compatibility contract,
- or implement a broader system-backed contract and test it accordingly.
Exit criteria:
- the repo stops implying broad SysV completeness where only a narrow compatibility slice exists
### Phase R5 — Triage the still-missing surfaces
Priority candidates:
- message queues,
- thread/spawn completeness,
- other TODO headers that block real consumers rather than theoretical completeness checklists.
Exit criteria:
- each remaining TODO surface is either implemented, explicitly deferred, or removed from misleading
summary language
### Phase R6 — Converge with upstream where possible
Goals:
- shrink the relibc patch chain whenever upstream absorbs equivalent behavior
- avoid carrying Red Bear-local relibc deltas longer than necessary
Exit criteria:
- the active recipe patch chain is smaller for evidence-based reasons, not for documentation optics
## Bottom line
relibc in the current Red Bear repo is neither a greenfield libc nor a nearly converged upstream
story.
It is a **partially upstream, materially patch-applied compatibility surface** that already covers
important desktop-facing APIs, but still has real completeness gaps, bounded semantics, and a larger
patch-chain dependency than older docs admitted.
## Implementation roadmap
For detailed engineering plans targeting specific gaps, see
`local/docs/RELIBC-IMPLEMENTATION-PLAN.md`. That document supersedes the R0R6 phase structure
here for gap-specific work, while this document remains the canonical quality and evidence model
reference.
Current implementation priorities from `RELIBC-IMPLEMENTATION-PLAN.md`:
| Gap | Status | Phase |
|-----|--------|-------|
| `in6_pktinfo` + `IPV6_PKTINFO` | ✅ Implemented (`P3-in6-pktinfo.patch`) | I1 |
| `getrlimit`/`setrlimit` advisory impl | ✅ Implemented — `setrlimit` returns `Ok`, added `RLIMIT_NPROC`/`NICE`/`RTPRIO`/`MSGQUEUE` defaults (`P3-getrlimit-getdtablesize.patch`) | I2 |
| `timerfd` relative time | ✅ Implemented (`P3-timerfd-relative.patch`) -- `TFD_TIMER_CANCEL_ON_SET` still pending | I3 |
| `ifaddrs` live discovery | Improved synthetic: 3 entries (loopback, eth0, wlan0) via `P3-ifaddrs-net_if.patch`; scheme-based enumeration deferred | I4 |
| Plain-source TODO headers | Partially completed: `spawn.h` (posix_spawn via `P3-spawn.patch`), `threads.h` (C11 types via `P3-threads.patch`); `mqueue.h`, `iconv.h`, `wordexp.h` deferred | I5 |
Reference in New Issue View Git Blame Copy Permalink