On 17.12.21 21:51, Linus Torvalds wrote:
> On Fri, Dec 17, 2021 at 12:45 PM David Hildenbrand david@redhat.com wrote:
>>
>> If a page is mapped exactly once, page_mapcount(page) == 1 and there is nothing to do.
>
> Why?
>
> You state that, but you stating that doesn't magically make it so.
>
> What makes "mapcount==1" stable and special? Your "it's an atomic_read()" argument is nonsense - it implies that the count can be changing, but you will get _one_ answer.

And I explained how it can not increment. And the only way is via fork(), which cannot run concurrently.

> What makes that one answer of a changing count special?
>
> What if there are other references to that same page, gotten with vmsplice(), and just about to be mapped into another address space?

If we have a shared anonymous page we cannot have GUP references, not even R/O ones. Because GUP would have unshared and copied the page, resulting in a R/O mapped anonymous page.

What am I missing?