On Tue, Sep 03, 2019 at 03:47:54PM -0700, Deepa Dinamani wrote:
> > > diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
> > > index 9e3ae3be3de9..5a971d1b6d5e 100644
> > > --- a/fs/ext4/ext4.h
> > > +++ b/fs/ext4/ext4.h
> > > @@ -835,7 +835,9 @@ do {
> > > \
> > > }
> > > \
> > > else {\
> > > (raw_inode)->xtime = cpu_to_le32(clamp_t(int32_t,
> > > (inode)->xtime.tv_sec, S32_MIN, S32_MAX)); \
> > > - ext4_warning_inode(inode, "inode does not support
> > > timestamps beyond 2038"); \
> > > + if (((inode)->xtime.tv_sec != (raw_inode)->xtime) && \
> > > + ((inode)->i_sb->s_time_max > S32_MAX))
> > > \
> > > + ext4_warning_inode(inode, "inode does not
> > > support timestamps beyond 2038"); \
> > > } \
> > > } while (0)
> >
> > Sure, that's much less objectionable.
>
> The reason it was warning for every update was because of the
> ratelimiting. I think ratelimiting is not working well here. I will
> check that part.
If you are calling ext4_warning_inode() on every single update, you
really can't depend on rate limiting to prevent log spam. The problem
is sometimes we *do* need more than say, one ext4 warning every hour.
Rate limiting is a last-ditch prevention against an unintentional
denial of service attack against the system, but we can't depend on it
as license to call ext4_warning() every time we set a timestamp. That
happens essentially constantly on a running system. So if you set the
limits aggressively enough that it's not seriously annoying, it will
suppress all other potential uses of ext4_warning() --- essentially,
it will make ext4_warning useless.
The other concern I would have if that warning message is being
constantly called, post 2038, is that even *with* rate limiting, it
will turn into a massive scalability bottleneck --- remember, the
ratelimit structure has a spinlock, so even if you are suppressing
things so that we're only logging one message an hour, if it's being
called hundreds of times a second from multiple CPU's, the cache line
thrashing will make this to be a performance *nightmare*.
- Ted
