rivet-dev
diff --git a/‎packages/kernel/src/command-registry.ts‎
Lines changed: 15 additions & 1 deletion b/‎packages/kernel/src/command-registry.ts‎
Lines changed: 15 additions & 1 deletion
diff --git a/‎packages/kernel/src/device-layer.ts‎
Lines changed: 19 additions & 1 deletion b/‎packages/kernel/src/device-layer.ts‎
Lines changed: 19 additions & 1 deletion
diff --git a/‎packages/kernel/src/fd-table.ts‎
Lines changed: 27 additions & 24 deletions b/‎packages/kernel/src/fd-table.ts‎
Lines changed: 27 additions & 24 deletions
@@ -13,16 +13,30 @@ export class CommandRegistry {
 	/** command name → RuntimeDriver */
 	private commands: Map<string, RuntimeDriver> = new Map();
 
+	/** Warning log for command overrides. */
+	private warnings: string[] = [];
+
 	/**
 	 * Register all commands from a driver.
-	 * Last-mounted driver wins on conflicts (allows override).
+	 * Last-mounted driver wins on conflicts (allows override with warning).
 	 */
 	register(driver: RuntimeDriver): void {
 		for (const cmd of driver.commands) {
+			const existing = this.commands.get(cmd);
+			if (existing) {
+				const msg = `command "${cmd}" overridden: ${existing.name} → ${driver.name}`;
+				this.warnings.push(msg);
+				console.warn(`[CommandRegistry] ${msg}`);
+			}
 			this.commands.set(cmd, driver);
 		}
 	}
 
+	/** Get recorded warnings (for testing). */
+	getWarnings(): readonly string[] {
+		return this.warnings;
+	}
+
 	/** Resolve a command name to a driver. Returns null if unknown. */
 	resolve(command: string): RuntimeDriver | null {
 		return this.commands.get(command) ?? null;
 
@@ -88,6 +88,23 @@ export function createDeviceLayer(vfs: VirtualFileSystem): VirtualFileSystem {
 			return vfs.readFile(path);
 		},
 
+		async pread(path, offset, length) {
+			if (path === "/dev/null") return new Uint8Array(0);
+			if (path === "/dev/zero") return new Uint8Array(length);
+			if (path === "/dev/urandom") {
+				const buf = new Uint8Array(length);
+				if (typeof globalThis.crypto?.getRandomValues === "function") {
+					globalThis.crypto.getRandomValues(buf);
+				} else {
+					for (let i = 0; i < buf.length; i++) {
+						buf[i] = (Math.random() * 256) | 0;
+					}
+				}
+				return buf;
+			}
+			return vfs.pread(path, offset, length);
+		},
+
 		async readTextFile(path) {
 			if (path === "/dev/null") return "";
 			const bytes = await this.readFile(path);
@@ -112,7 +129,7 @@ export function createDeviceLayer(vfs: VirtualFileSystem): VirtualFileSystem {
 		},
 
 		async writeFile(path, content) {
-			if (path === "/dev/null") return; // discard
+			if (path === "/dev/null" || path === "/dev/zero" || path === "/dev/urandom") return; // discard
 			return vfs.writeFile(path, content);
 		},
 
@@ -171,6 +188,7 @@ export function createDeviceLayer(vfs: VirtualFileSystem): VirtualFileSystem {
 		},
 
 		async realpath(path) {
+			if (isDevicePath(path) || isDeviceDir(path)) return path;
 			return vfs.realpath(path);
 		},
 
 
@@ -22,20 +22,8 @@ import {
 /** Maximum open FDs per process before allocations are rejected (EMFILE). */
 export const MAX_FDS_PER_PROCESS = 256;
 
-let nextDescriptionId = 1;
-
-function createFileDescription(
-	path: string,
-	flags: number,
-): FileDescription {
-	return {
-		id: nextDescriptionId++,
-		path,
-		cursor: 0n,
-		flags,
-		refCount: 1,
-	};
-}
+/** Allocator function that creates a FileDescription with a unique ID. */
+export type DescriptionAllocator = (path: string, flags: number) => FileDescription;
 
 /**
  * FD table for a single process.
@@ -45,6 +33,11 @@ function createFileDescription(
 export class ProcessFDTable {
 	private entries: Map<number, FDEntry> = new Map();
 	private nextFd = 3; // 0, 1, 2 reserved
+	private allocDesc: DescriptionAllocator;
+
+	constructor(allocDesc: DescriptionAllocator) {
+		this.allocDesc = allocDesc;
+	}
 
 	/** Pre-allocate stdin, stdout, stderr */
 	initStdio(
@@ -93,7 +86,7 @@ export class ProcessFDTable {
 	/** Open a new FD for the given path and flags */
 	open(path: string, flags: number, filetype?: number): number {
 		const fd = this.allocateFd();
-		const description = createFileDescription(path, flags);
+		const description = this.allocDesc(path, flags);
 		this.entries.set(fd, {
 			fd,
 			description,
@@ -180,7 +173,7 @@ export class ProcessFDTable {
 
 	/** Create a copy of this table for a child process (FD inheritance). */
 	fork(): ProcessFDTable {
-		const child = new ProcessFDTable();
+		const child = new ProcessFDTable(this.allocDesc);
 		child.nextFd = this.nextFd;
 		for (const [fd, entry] of this.entries) {
 			entry.description.refCount++;
@@ -225,14 +218,24 @@ export class ProcessFDTable {
  */
 export class FDTableManager {
 	private tables: Map<number, ProcessFDTable> = new Map();
+	private nextDescriptionId = 1;
+
+	/** Per-instance allocator bound to this manager's ID counter. */
+	private allocDesc: DescriptionAllocator = (path, flags) => ({
+		id: this.nextDescriptionId++,
+		path,
+		cursor: 0n,
+		flags,
+		refCount: 1,
+	});
 
 	/** Create a new FD table for a process with standard FDs. */
 	create(pid: number): ProcessFDTable {
-		const table = new ProcessFDTable();
+		const table = new ProcessFDTable(this.allocDesc);
 		table.initStdio(
-			createFileDescription("/dev/stdin", O_RDONLY),
-			createFileDescription("/dev/stdout", O_WRONLY),
-			createFileDescription("/dev/stderr", O_WRONLY),
+			this.allocDesc("/dev/stdin", O_RDONLY),
+			this.allocDesc("/dev/stdout", O_WRONLY),
+			this.allocDesc("/dev/stderr", O_WRONLY),
 		);
 		this.tables.set(pid, table);
 		return table;
@@ -249,18 +252,18 @@ export class FDTableManager {
 		stdoutOverride: { description: FileDescription; filetype: number } | null,
 		stderrOverride: { description: FileDescription; filetype: number } | null,
 	): ProcessFDTable {
-		const table = new ProcessFDTable();
+		const table = new ProcessFDTable(this.allocDesc);
 		const stdinDesc = stdinOverride
 			? stdinOverride.description
-			: createFileDescription("/dev/stdin", O_RDONLY);
+			: this.allocDesc("/dev/stdin", O_RDONLY);
 		const stdinType = stdinOverride?.filetype ?? FILETYPE_CHARACTER_DEVICE;
 		const stdoutDesc = stdoutOverride
 			? stdoutOverride.description
-			: createFileDescription("/dev/stdout", O_WRONLY);
+			: this.allocDesc("/dev/stdout", O_WRONLY);
 		const stdoutType = stdoutOverride?.filetype ?? FILETYPE_CHARACTER_DEVICE;
 		const stderrDesc = stderrOverride
 			? stderrOverride.description
-			: createFileDescription("/dev/stderr", O_WRONLY);
+			: this.allocDesc("/dev/stderr", O_WRONLY);
 		const stderrType = stderrOverride?.filetype ?? FILETYPE_CHARACTER_DEVICE;
 
 		table.initStdioWithTypes(stdinDesc, stdinType, stdoutDesc, stdoutType, stderrDesc, stderrType);