fix(memctx): retry cold bootstrap with backoff while guest boots

The cold address-space bootstrap (host_bootstrap -> System DTB) ran once and was terminal: when the adapter attached before the guest finished booting, no System process was found, the adapter emitted a single ERROR and never retried, so the memctx datum was never published. Make it self-healing: on bootstrap failure arm a one-shot backoff timerfd (a second adapter fd, demuxed by cookie) that re-kicks the bootstrap until it succeeds; reset and disarm on success. Drop the per-failure URGENT ERROR (a still-booting guest is transient, not a fault) for a single diagnostic line on the first failure. Add a stub fail-injection (cfg fail_boots) and test_retry. Bump 0.3.5.
2026-06-26 04:36:37 +03:00 · 2026-06-24 11:20:32 +03:00
parent 6fea392d46
commit 26e5ab4709
4 changed files with 156 additions and 15 deletions
@@ -12,6 +12,9 @@ typedef struct {
                            /*        TRANSFERS to the adapter (closed in close()) — the */
                            /*        caller dups first if it must keep its own copy.    */
                            /* <0  => default: open(ram_path, O_RDONLY) / stub-memfd     */
+    uint32_t    fail_boots; /* test-only: fail the first N stub bootstraps before        */
+                            /* succeeding (drives the retry/backoff path deterministically */
+                            /* without timing dependence); 0 in production. stub path only. */
 } vmsig_memctx_cfg;

 /* Max SRC bytes per atomic gva_write (bounds the worker POD slot; mc_req header + src