On Wed, 28 Jun 2023 at 10:27, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> So I think it needs to match the comment (and the try_grab_page()
> logic), and just basically
>
>         if (flags & FOLL_GET)
>                 return try_get_folio(page, refs);
>
>         if (is_zero_page(page))
>                 return page_folio(page);
>
>         folio = try_get_folio(page, refs);
>         if (!folio)
>                 return NULL;
>
> instead.

Side note: I think we should just do the "FOLL_GET" doesn't touch the
refcount either, which would make this all become just

        if (is_zero_page(page))
                return page_folio(page);

        folio = try_get_folio(page, refs);
        if (!folio)
                return NULL;

but then we would need to fix try_grab_page() and gup_put_folio() and
friends to match. And any other cases I haven't thought of.

Long long ago we used to have the logic that PG_reserved meant that no
refcounting was done, and that automatically handled the zero page(s).

But that was removed back in 2005...

That old commit even talks about this issue:

    A last caveat: the ZERO_PAGE is now refcounted and managed with rmap
    (and thus mapcounted and count towards shared rss). These writes to
    the struct page could cause excessive cacheline bouncing on big
    systems. There are a number of ways this could be addressed if it
    is an issue.

It's commit b5810039a54e ("[PATCH] core remove PageReserved") in case
anybody wants to do some historical archaeology.

                Linus
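The point of the exchange above is that whatever try_grab_folio() does with the zero page, the put side has to mirror it exactly, or the zero page's refcount drifts. The following is an added C model of that symmetry, written for this page; it is not kernel code and not from the thread. The FOLL_* values, the two-field struct page, the identity page_folio(), the stale_put_folio() helper and the refcount_after_*() probes are all constructed for illustration. It encodes the quoted variant (FOLL_GET always takes references, FOLL_PIN hands the zero page back untouched), pairs it with a matching gup_put_folio(), and then shows what a put that was not updated to match does to a pinned zero page.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical flag values and a minimal page model, constructed for this
 * example; they stand in for the kernel's struct page and FOLL_* flags. */
#define FOLL_GET 0x1u
#define FOLL_PIN 0x2u

struct page {
    int refcount;
    bool is_zero;          /* true for the shared zero page */
};

static bool is_zero_page(const struct page *p) { return p->is_zero; }

/* Folios are modelled as single pages, so page_folio() is the identity. */
static struct page *page_folio(struct page *p) { return p; }

static struct page *try_get_folio(struct page *p, int refs)
{
    if (p->refcount == 0)   /* already freed: the grab must fail */
        return NULL;
    p->refcount += refs;
    return p;
}

/* The grab logic quoted in the message: FOLL_GET always takes references,
 * FOLL_PIN returns the zero page without touching its count. */
static struct page *try_grab_folio(struct page *p, int refs, unsigned flags)
{
    if (flags & FOLL_GET)
        return try_get_folio(p, refs);
    if (is_zero_page(p))
        return page_folio(p);
    return try_get_folio(p, refs);
}

/* A put that mirrors the grab above, so the refcount ends where it started. */
static void gup_put_folio(struct page *p, int refs, unsigned flags)
{
    if (!(flags & FOLL_GET) && is_zero_page(p))
        return;
    p->refcount -= refs;
}

/* A put that was NOT updated to match: it always drops references. */
static void stale_put_folio(struct page *p, int refs)
{
    p->refcount -= refs;
}

/* Refcount observed after one grab of `refs` on a page that starts at 1. */
int refcount_after_grab(bool zero, unsigned flags, int refs)
{
    struct page p = { .refcount = 1, .is_zero = zero };
    if (!try_grab_folio(&p, refs, flags))
        return -1;
    return p.refcount;
}

/* Refcount after a grab followed by the matching put (expected: back to 1). */
int refcount_after_grab_put(bool zero, unsigned flags, int refs)
{
    struct page p = { .refcount = 1, .is_zero = zero };
    if (!try_grab_folio(&p, refs, flags))
        return -1;
    gup_put_folio(&p, refs, flags);
    return p.refcount;
}

/* Refcount after a grab followed by the stale put: for a pinned zero page the
 * count is driven below where it started, the mismatch the message warns about. */
int refcount_after_grab_stale_put(bool zero, unsigned flags, int refs)
{
    struct page p = { .refcount = 1, .is_zero = zero };
    if (!try_grab_folio(&p, refs, flags))
        return -1;
    stale_put_folio(&p, refs);
    return p.refcount;
}

int main(void)
{
    printf("zero page, FOLL_PIN grab:        %d\n", refcount_after_grab(true, FOLL_PIN, 3));
    printf("zero page, FOLL_GET grab:        %d\n", refcount_after_grab(true, FOLL_GET, 3));
    printf("normal page, FOLL_PIN grab:      %d\n", refcount_after_grab(false, FOLL_PIN, 3));
    printf("zero page, pin + matching put:   %d\n", refcount_after_grab_put(true, FOLL_PIN, 3));
    printf("zero page, pin + stale put:      %d\n", refcount_after_grab_stale_put(true, FOLL_PIN, 3));
    return 0;
}
```

The stale-put probe is the interesting one: a FOLL_PIN grab of the zero page adds nothing, so a put that unconditionally subtracts leaves the count negative after a single round trip. Any change to the grab side in the kernel has to be carried into every put path that can see the zero page, which is exactly the "try_grab_page() and gup_put_folio() and friends" caveat in the message.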