Avoid duplicate IPC messages for interrupt delivery #116
Description
Currently it is possible to send a VirtualMachineMsg for a GuestInterrupt for a vector that is already in the message queue of the guest. In many cases, this is incorrect. For example, if one guest core sends an IPI for an edge triggered interrupt to another core, this will cause a VMEXIT and the sending core will enqueue a message in the target cores rx buffer. If this happens again before the target core has serviced the first interrupt, we will enqueue another message. However, in real hardware this wouldn't be possible (I think) because the Delivery status register would not be cleared until the previous message was actually accepted by the target core.
I believe we should model this behavior by effectively preventing the guest virtual local apic from sending another interrupt when the previous one has not yet been serviced. However, it's also possible that my understanding is flawed.