On 17.12.21 21:51, Linus Torvalds wrote:
> On Fri, Dec 17, 2021 at 12:45 PM David Hildenbrand <david@xxxxxxxxxx> wrote:
>>
>> If a page is mapped exactly once, page_mapcount(page) == 1 and there is
>> nothing to do.
>
> Why?
>
> You state that, but you stating that doesn't magically make it so.
>
> What makes "mapcount==1" stable and special? Your "it's an
> atomic_read()" argument is nonsense - it implies that the count can be
> changing, but you will get _one_ answer.

And I explained how it can not increment. And the only way is via
fork(), which cannot run concurrently.

>
> What makes that one answer of a changing count special?
>
> What if there are other references to that same page, gotten with
> vmsplice(), and just about to be mapped into another address space?

If we have a shared anonymous page we cannot have GUP references, not
even R/O ones. Because GUP would have unshared and copied the page,
resulting in a R/O mapped anonymous page.

What am I missing?

--
Thanks,

David / dhildenb