* Reyk Floeter <r...@openbsd.org> [2018-10-05 23:32:44 +0200]:
Hi, it sometimes happens that a VM is stuck in a reboot loop. This isn't very pleasent for vmd, so this diff attempts to introduce a hard rate-limit: if the VM rebooted after less than VM_START_RATE_SEC (6) seconds, increment a counter. If this happens VM_START_RATE_LIMIT (3) times in a row, stop the VM. The idea is that it might be desirable in some cases to reboot quickly (you're either really fast on the boot prompt, or you use something like grub that can automatically reboot into a previous kernel). But if this happens too often (more than 3 times), something is wrong and cannot be intended, not even in the worst Linux/grub/unikernel/... situation. These limits are a guessed default. Test case: I dd'ed random bytes to a kernel after some initial bytes, keeping the original size of the kernel. The boot loader loads the header, the complete kernel, tries to boot it and *boom*, reset ;) Comments? Concerns? Better ideas? OKs?
We could rate limit based on the number of triple faults. I have often break;ed on VMX_EXIT_TRIPLE_FAULT in vcpu_exit (vm.c) to not get annoyed by this. -- Pratik
