She deployed to the three drones. Telemetry flooded in: stable heart rates, smooth trajectory corrections, and then, bleakly, one drone reported "lock mismatch: aim_lock_config.conf HOT". The canary refused the shadow config—the lock check happened locally before accepting any override.
"Design for ghosts," Mira said. "State loves to linger. Make it easy to be explicit about ownership, and always have a safe bypass." aim lock config file hot
Mira opened a new shell and began a manual orchestration: create a shadow config, replicate the exact parameters, and push changes to a small canary subset—three drones—leaving the rest untouched. If the canary behaved, she could roll the patch incrementally despite the lock. She crafted aim_lock_config_hotfix.conf, identical except for a timestamp and a safer update window flag. She deployed to the three drones
She watched logs stitch back into pattern: no more HOT flags, no more orphaned PIDs. And then a line she had been waiting for: ALL CLEAR. "Design for ghosts," Mira said
"Lesson?" the junior asked.
"Initiate canary," she said, though no one else was in the room to hear it.
Back to the kernel. Mira dumped the lock table, inspected kernel logs, saw a kernel panic thread that had restarted the lock manager with an incomplete cleanup. The restart sequence left the lock bit set but with no owner. The fix was delicate: unset the kernel lock bit manually, but only after ensuring no process would try to regrab it mid-op. That meant stopping the aim orchestrator—a bolder move.