Source-grounded rewrite of 529 published docs pages with per-unit information-loss verification: 1,713 factual corrections cited to src/**, generated surfaces regenerated, frontmatter titles preserved for i18n, release notes pages untouched. All docs gates green. Closes #100141
8.7 KiB
summary, title, read_when
| summary | title | read_when | ||||
|---|---|---|---|---|---|---|
| How to enable and tune guardrails that detect repetitive tool-call loops | Tool-loop detection |
|
OpenClaw has two cooperating guardrails against repetitive tool-call patterns,
both configured under tools.loopDetection:
- Loop detection (
enabled) - disabled by default. Watches the rolling tool-call history for repeated patterns and unknown-tool retries. - Post-compaction guard (
postCompactionGuard) - enabled wheneverenabledis not explicitlyfalse. Arms after every compaction-retry and aborts the run if the agent repeats the same(tool, args, result)triple within the window.
Set tools.loopDetection.enabled: false to silence both guardrails.
Why this exists
- Detect repetitive sequences that make no progress.
- Detect high-frequency no-result loops (same tool, same inputs, repeated errors).
- Detect specific repeated-call patterns for known polling tools.
- Break context-overflow -> compaction -> same-loop cycles instead of letting them run indefinitely.
Configuration block
Global defaults, with every documented field shown:
{
tools: {
loopDetection: {
enabled: false, // master switch for the rolling-history detectors
historySize: 30,
warningThreshold: 10,
criticalThreshold: 20,
unknownToolThreshold: 10,
globalCircuitBreakerThreshold: 30,
detectors: {
genericRepeat: true,
knownPollNoProgress: true,
pingPong: true,
},
postCompactionGuard: {
windowSize: 3, // armed after compaction-retry; runs unless enabled is explicitly false
},
},
},
}
Per-agent override (optional, at agents.list[].tools.loopDetection):
{
agents: {
list: [
{
id: "safe-runner",
tools: {
loopDetection: {
enabled: true,
warningThreshold: 8,
criticalThreshold: 16,
},
},
},
],
},
}
Per-agent settings overlay the global block field by field (including nested
detectors and postCompactionGuard), so an agent only needs to set the
fields it wants to change.
Field behavior
| Field | Default | Effect |
|---|---|---|
enabled |
false |
Master switch for the rolling-history detectors. false also disables the post-compaction guard. |
historySize |
30 |
Number of recent tool calls kept for analysis. |
warningThreshold |
10 |
Repeat count before a pattern is classified as warning-only. |
criticalThreshold |
20 |
Repeat count for blocking a no-progress loop pattern. Runtime clamps this above warningThreshold if misconfigured. |
unknownToolThreshold |
10 |
Blocks repeated calls to the same unavailable tool after this many misses. Not gated by detectors. |
globalCircuitBreakerThreshold |
30 |
Global no-progress breaker across all detectors. Runtime clamps this above criticalThreshold if misconfigured. Not gated by detectors. |
detectors.genericRepeat |
true |
Warns on repeated same-tool + same-args calls; blocks once those calls also return identical outcomes. |
detectors.knownPollNoProgress |
true |
Detects known no-progress polling patterns (process with action: "poll"/"log", command_status). |
detectors.pingPong |
true |
Detects alternating no-progress ping-pong patterns between two calls. |
postCompactionGuard.windowSize |
3 |
Attempts the guard stays armed after compaction, and the count of identical triples that aborts the run. |
For exec, no-progress hashing compares stable command outcomes (status,
exit code, timed-out flag, output) and ignores volatile runtime metadata such
as duration, PID, session ID, and working directory. Outbound message-send
results are hashed with volatile per-call ids (message id, file id, timestamp)
stripped, so a "sent" result does not look identical to a different "sent"
result. When a run id is available, history is evaluated only within that run,
so scheduled heartbeat cycles and fresh runs do not inherit stale loop counts
from earlier runs.
Recommended setup
- For smaller models, set
enabled: trueand leave thresholds at their defaults. Flagship models rarely need rolling-history detection and can leave the master switchfalsewhile still benefiting from the post-compaction guard. - Keep thresholds ordered
warningThreshold < criticalThreshold < globalCircuitBreakerThreshold; the runtime nudgescriticalThresholdandglobalCircuitBreakerThresholdupward if you set them at or below the threshold they must exceed. - If false positives occur:
- Raise
warningThresholdand/orcriticalThreshold. - Optionally raise
globalCircuitBreakerThreshold. - Disable only the specific detector causing issues (
detectors.<name>: false). - Reduce
historySizefor a shorter historical window.
- Raise
- To disable everything, including the post-compaction guard, set
tools.loopDetection.enabled: falseexplicitly.
Post-compaction guard
After a compaction-retry following a context-overflow, the runner arms a
short-window guard on the next few tool calls. If the agent emits the same
(toolName, argsHash, resultHash) triple postCompactionGuard.windowSize
times within that window, the guard concludes compaction did not break the
loop and aborts the run with a compaction_loop_persisted error.
The guard is gated by the master tools.loopDetection.enabled flag with one
twist: it stays enabled when the flag is unset or true, and only turns
off when the flag is explicitly false. This is intentional - the guard
exists to escape compaction loops that would otherwise burn unbounded tokens,
so a no-config user still gets the protection.
{
tools: {
loopDetection: {
// master switch; set false to disable the guard along with the rolling detectors
enabled: true,
postCompactionGuard: {
windowSize: 3, // default
},
},
},
}
- Lower
windowSizeis stricter (fewer attempts before abort). - Higher
windowSizegives the agent more recovery attempts. - The guard never aborts while results are changing; only byte-identical results across the window trigger it.
- It only arms in the immediate aftermath of a compaction-retry, not at other points in a run.
Logs and expected behavior
When a loop is detected, OpenClaw logs a loop event and either warns or blocks the next tool-cycle depending on severity, protecting against runaway token spend and lockups while preserving normal tool access.
- Warnings come first.
- Blocking follows once a pattern persists past the warning threshold.
- Critical thresholds block the next tool-cycle and surface a clear loop-detection reason in the run record.
- The post-compaction guard emits
compaction_loop_persistederrors naming the offending tool and identical-call count.