fix(node): ignore stale port exits in trap_exit device servers

ThinPool, Img.Server, Layer.Server and Img.Mutable each run privileged
commands through `System.cmd`, which links a transient port to the caller
and returns only once the command has finished. Because these servers trap
exits (for `terminate/2` teardown), the now-defunct port's exit is then
delivered as `{:EXIT, port, reason}`. None of these servers define a
catch-all handle_info, so an unmatched `{:EXIT, ...}` raises a
FunctionClauseError and crash-loops the server -- Layer.Server crashed
while mounting a layer, which surfaced to create_vm as :no_capacity.

Match the port specifically (`is_port/1`) and ignore it regardless of
reason: the synchronous `System.cmd` has already consumed the command's
result, so the trailing port exit is stale by construction whether it
closed normally or not. A linked *process* exiting is a genuinely
different event and still falls through (and raises), so real faults are
not masked.

Author: markovejnovic

lib/hyper/node/img/mutable.ex

@@ -119,6 +119,14 @@ defmodule Hyper.Node.Img.Mutable do
   @impl true
   def handle_info(:idle_timeout, state), do: {:noreply, state}
 
+  @impl true
+  # Each privileged command runs through `System.cmd`, which links a transient
+  # port to this process and returns only once that command has finished. Because
+  # we trap exits (for `terminate/2` teardown), the now-defunct port's exit lands
+  # here afterwards -- stale by construction, whatever its reason -- so ignore any
+  # port exit. (A linked *process* exiting is a different event and still raises.)
+  def handle_info({:EXIT, port, _reason}, state) when is_port(port), do: {:noreply, state}
+
   @impl true
   def terminate(_reason, state) do
     # Destroy the thin volume, then release the image (its monitor on us also

lib/hyper/node/img/server.ex

@@ -128,6 +128,14 @@ defmodule Hyper.Node.Img.Server do
     {:noreply, state}
   end
 
+  @impl true
+  # Each privileged command runs through `System.cmd`, which links a transient
+  # port to this process and returns only once that command has finished. Because
+  # we trap exits (for `terminate/2` teardown), the now-defunct port's exit lands
+  # here afterwards -- stale by construction, whatever its reason -- so ignore any
+  # port exit. (A linked *process* exiting is a different event and still raises.)
+  def handle_info({:EXIT, port, _reason}, state) when is_port(port), do: {:noreply, state}
+
   @impl true
   def terminate(_reason, %State{dm_names: dm_names}) do
     # Remove top-down (a snapshot's origin is the device below it). Layers are

lib/hyper/node/img/thin_pool.ex

@@ -94,6 +94,14 @@ defmodule Hyper.Node.Img.ThinPool do
     {:reply, :ok, id_free(state, id)}
   end
 
+  @impl true
+  # Each privileged command runs through `System.cmd`, which links a transient
+  # port to this process and returns only once that command has finished. Because
+  # we trap exits (for `terminate/2` teardown), the now-defunct port's exit lands
+  # here afterwards -- stale by construction, whatever its reason -- so ignore any
+  # port exit. (A linked *process* exiting is a different event and still raises.)
+  def handle_info({:EXIT, port, _reason}, state) when is_port(port), do: {:noreply, state}
+
   @impl true
   def terminate(_reason, state) do
     _ = SuidHelper.Dmsetup.remove(@pool_name)

lib/hyper/node/layer/server.ex

@@ -119,6 +119,14 @@ defmodule Hyper.Node.Layer.Server do
     {:noreply, state}
   end
 
+  @impl true
+  # Each privileged command runs through `System.cmd`, which links a transient
+  # port to this process and returns only once that command has finished. Because
+  # we trap exits (for `terminate/2` teardown), the now-defunct port's exit lands
+  # here afterwards -- stale by construction, whatever its reason -- so ignore any
+  # port exit. (A linked *process* exiting is a different event and still raises.)
+  def handle_info({:EXIT, port, _reason}, state) when is_port(port), do: {:noreply, state}
+
   @impl true
   def terminate(_reason, %State{blk_path: blk_path}) do
     case SuidHelper.Losetup.detach(blk_path) do