Adds infrastructure to synthesise the silph::WorkerCtx that AUDIT-058/059
identified as never reached by ours' static-init chain (real chain entry
sits in audit-059 round 9's wrong-vtable wedge at sub_82172BA0+0x1E8).
Ctx layout follows round 5's live hexdump from canary:
+0x00 vtable = 0x8200A1E8
+0x04 self
+0x08 intrusive list head -> self
+0x0C init flag = 1
+0x10 packed byte field
+0x18 2x float ~1.0 (UI rates)
+0x24 flag = 1
+0x28..+0x30 3x foreign-arena pointers (left NULL — see below)
+0x54..+0x84 4x X_KEVENT auto-reset, state=0
+0x94..+0xC4 4x X_KEVENT manual-reset, state=1 (pre-signaled)
+0x210..+0x250 4-entry intrusive work-ring, empty
Worker spawn mirrors AUDIT-048's audio-worker pattern in
xaudio_register_render_driver: per-worker allocate_thread_image +
state.scheduler.spawn with r3 = ctx_ptr. Trigger fires at the first
dat/* VFS open (ours' earliest is dat/files.tbl), which is when canary
runs the equivalent chain.
ROUND 18 OUTCOME — opt-in only:
With workers spawned Ready (XENIA_SILPH_SYNTH=1), boot CRASHES at
cycle ~5.5M with PC=0 on hw=1, just after worker_3 (entry 0x825065B8)
spawns. Per task constraints this is STOP-and-report: the ctx fields
+0x28/+0x2C/+0x30 (foreign heap pointers — canary's 0x30057018,
0xBCE25640, 0xBE568F00, distinct arenas per audit-059 round 7) are
left NULL, and the worker bodies plausibly dereference one of them.
Synthesising those is a fresh investigation (round 19+).
With workers spawned Suspended (XENIA_SILPH_SYNTH=suspend), boot
completes normally (11 spawns, VdSwap=1, KeSetEvent=2,
KeReleaseSemaphore=1 — matches default baseline). The ctx remains
materialised in guest memory at the logged VA for downstream probing.
Default (env var unset): no synth, no regression.
Files:
crates/xenia-kernel/src/silph_synth.rs (new, 225 LOC)
crates/xenia-kernel/src/lib.rs (+1 LOC, register module)
crates/xenia-kernel/src/exports.rs (+37 LOC, hook in open_vfs_file)
crates/xenia-kernel/src/state.rs (+18 LOC, 4 silph_synth_* fields)
Tests: cargo test --release --workspace = 765 pass / 0 fail.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
b5885b8560