On Wed, Mar 02, 2022 at 12:19:21PM -0600, Eric Sandeen wrote: > On 3/1/22 1:31 PM, Eric Sandeen wrote: > > On 7/14/20 8:53 PM, Darrick J. Wong wrote: > >> From: Darrick J. Wong <darrick.wong@xxxxxxxxxx> > >> > >> Currently, xfs quotas have the ability to send netlink warnings when a > >> user exceeds the limits. They also have all the support code necessary > >> to convert softlimit warnings into failures if the number of warnings > >> exceeds a limit set by the administrator. Unfortunately, we never > >> actually increase the warning counter, so this never actually happens. > >> Make it so we actually do something useful with the warning counts. > >> > >> Signed-off-by: Darrick J. Wong <darrick.wong@xxxxxxxxxx> > >> Reviewed-by: Christoph Hellwig <hch@xxxxxx> > > > > Sooo I got a bug report that this essentially breaks the timer for > > soft quota, because we now (and quite rapidly) hit the default > > 5-warning limit well before we hit any reasonable timer that may > > have been set, and disallow more space usage. > > > > And those warnings rack up in somewhat unexpected (to me, anyway) > > ways. With a default max warning count of 5, I go over soft quota > > exactly once, touch/create 2 more empty inodes, and I'm done: > > Looking at this some more, I think it was never clear when the warnings > should get incremented. An old IRIX document[1] says: > > "With soft limits, whenever a user logs in with a usage greater than his > soft limit, he or she will be warned (via/bin/login(1))." > > Which seems to indicate that perhaps the warning was intended to be > once per login, not once per allocation attempt. Also ... > > Ancient XFS code had a "xfs_qm_dqwarn()" function which incremented the > warning count, but it never had any callers until the day it was removed > in 2005, so it's not at all clear what the warning frequency was supposed > to be or what should trigger it, from the code archives. > > Hence, my modest proposal would be to just remove the warning limits > infrastructure altogether. It's never worked, nobody has ever asked for it > (?), and its intent is not clear. My only hesitation is that Darrick added > the warning increment, so perhaps he knows of a current use case that > matters? None specifically, but it's a feature, albeit a poorly documented and previously broken one. VFS quotas don't seem to have any warning limits, so I suppose there's not a lot of precedent to go on. That said -- I don't how gutting a feature (especially since it's now been *working* for a year and a half) is the solution here. If you think the default warning limit is too low, then perhaps we should increase it. If you don't like that a single user operation can bump the warning counter multiple times, then propose adding a flag to the dqtrx structure so that we only bump the warning counter *once* per transaction. "It's never worked" is not true -- this fix was added for 5.9, and it's now shipped in two LTS kernels. On the other hand, if you think this feature is totally worthless and it should go away, there's a deprecation process for that. --D > > thanks, > -Eric > > [1] https://irix7.com/techpubs/007-0603-100.pdf