You wrote:
> I noticed this in the output of ps aux:
>
> USER PID %CPU %MEM SIZE RSS TTY STAT START TIME COMMAND
> root 244 56.2 55762.4 4768 -13964 1 R Jun 19 6312:55 dos -ckC
>
I have seen this too, and also with dosemu. Following is a post I made
about it previously. I should like to get this fixed.
Perhaps someone will notice this and respond with some thoughts;
otherwise, I shall poke into it.
TIA for any response...
--Nate Eldredge nate@cartsys.com --------------BB54F3B4A6B6CF916E614991 Content-Type: message/rfc822 Content-Transfer-Encoding: 7bit Content-Disposition: inline
Message-ID: <370EDB83.3B5C6B74@cartsys.com> Date: Fri, 09 Apr 1999 22:02:59 -0700 From: Nate Eldredge <nate@cartsys.com> X-Mailer: Mozilla 4.08 [en] (X11; I; Linux 2.2.5 i586) MIME-Version: 1.0 To: linux-kernel@vger.rutgers.edu Subject: Re: RSS goes negative References: <37069EF5.68041B9@cartsys.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit
(Kernel 2.2.5)
Nate Eldredge wrote: > > Here's a strange situation. I've been running another app that uses a > lot of swap, and now I notice the RSS for xdos, as reported by > /proc/XX/status, has gone into the negative range.
> If there's some more investigating I should do, please let me know by > e-mail ASAP. I can't keep this thing running indefinitely, and I don't > know if it'll be reproducible.
It's at least occasionally reproducible. I've seen it a couple more times since posting that.
As there has been no response, I'm going to clutter the list a bit by listing my somewhat random guesses as to the cause, in hopes that it will ring a bell with someone.
* `zap_page_range' in mm/memory.c contains this somewhat suspicious snippet:
if (mm->rss > 0) { mm->rss -= freed; if (mm->rss < 0) mm->rss = 0; }
rss is an unsigned long, and presumably the author forgot that (or it changed later). Thus, the tests are meaningless and probably a bug in themselves. But a question: Does their presence mean that rss could legitimately become "negative", and these would correct it when it happens? Or is it a paranoia test to minimize damage in case of the impossible happening?
* `do_wp_page' contains:
if (PageReserved(mem_map + MAP_NR(old_page))) ++vma->vm_mm->rss;
I don't completely understand the Linux mm model, but this seems odd. At this point in the code (handling copy-on-write), a new page has been allocated and is about to be put into the process's memory map. Oughtn't this to increase rss regardless of the attributes of the old page?
* The fact that I saw this problem only with dosemu makes me wonder if the bug is in something only it does. `mark_screen_rdonly' in arch/i386/kernel/vm86.c does some fiddling with the process's page tables, and doesn't change rss. As far as I can tell, all it does is take pages that are already present and write-protect them, in which case rss probably shouldn't change. But as I said, I don't completely understand mm, so this could easily be wrong.
Lastly, I realize rss is essentially just tourist information, so its correctness isn't (AFAIK) critical. However, negative values are obviously bogus, so IMHO this is a bug. I'd like to see it fixed correctly (i.e. not just a fix-the-symptom `if ((long)rss < 0) rss=0' kind of thing).
As I said, I can reproduce this somewhat regularly, and I'm willing to test patches or any other such thing.
Thanks for reading; any response is appreciated.
--
Nate Eldredge nate@cartsys.com
--------------BB54F3B4A6B6CF916E614991--
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/